How severe is CVE-2022-24323?

CVE-2022-24323 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2022-24323

Name: ecostruxure_process_expert
Author: schneider-electric

5.3MEDIUM

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an

Published: 3/9/2022Updated: 11/21/2024

Description

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior)

AI AnalysisPowered by AI

Affected Products

schneider-electricecostruxure_control_expert

15.0

schneider-electricecostruxure_control_expert

15.0

schneider-electricecostruxure_process_expert

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-01
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-01
Vendor Advisory