First published 17 November 2021

CVSS 3.1 Base Score: 10.0 (Critical)



A critical security vulnerability affects IGEL Cloud Gateway (ICG) in the following versions:

  • All ICG versions before 2.04.100


A penetration test has found an authentication vulnerability in ICG. It could enable an unauthenticated remote attacker to send commands and settings to connected IGEL OS endpoints.

IGEL would like to thank SCHUTZWERK GmbH, who discovered the vulnerability.

Update Instructions

  • Update to ICG 2.04.100.