How severe is CVE-2022-24323?

CVE-2022-24323 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2022-24323

Name: ecostruxure_process_expert
Author: schneider-electric

5.3MEDIUM

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an

Veröffentlicht: 3/9/2022Aktualisiert: 11/21/2024

Beschreibung

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior)

KI-AnalyseKI-gestützt

Betroffene Produkte

schneider-electricecostruxure_control_expert

15.0

schneider-electricecostruxure_control_expert

15.0

schneider-electricecostruxure_process_expert

Referenzen

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-01
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-01
Vendor Advisory