How severe is CVE-2022-34754?

CVE-2022-34754 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2022-34754

6.8MEDIUM

A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C (A9XELC10-A) (V1.7.5 and prior

Published: 7/13/2022Updated: 11/21/2024

Description

A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C (A9XELC10-A) (V1.7.5 and prior), Acti9 PowerTag Link C (A9XELC10-B) (V2.12.0 and prior)

AI AnalysisPowered by AI

Affected Products

schneider-electricacti9_powertag_link_c_\(a9xelc10-a\)_firmware

schneider-electricacti9_powertag_link_c_\(a9xelc10-a\)

schneider-electricacti9_powertag_link_c_\(a9xelc10-b\)_firmware

schneider-electricacti9_powertag_link_c_\(a9xelc10-b\)

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-03_Acti9_PowerTag_Link_C_Security_Notification.pdf
PatchVendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-03_Acti9_PowerTag_Link_C_Security_Notification.pdf
PatchVendor Advisory