How severe is CVE-2022-24323?

CVE-2022-24323 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2022-24323

Name: ecostruxure_process_expert
Author: schneider-electric

5.3MEDIUM

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an

Опубликовано: 3/9/2022Обновлено: 11/21/2024

Описание

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior)

ИИ-АнализНа базе ИИ

Затронутые продукты

schneider-electricecostruxure_control_expert

15.0

schneider-electricecostruxure_control_expert

15.0

schneider-electricecostruxure_process_expert

Ссылки

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-01
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-01
Vendor Advisory