CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-7972

A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the ability to escape out of remote PowerSCADA Anywhere applications and launch other processes.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.8%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 5.2

References

http://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/
http://www.securityfocus.com/bid/99913
https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere
http://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/
http://www.securityfocus.com/bid/99913
https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere

Products affected by CVE-2017-7972

Schneider-Electric » Citect Anywhere » Version: 1.0

cpe:2.3:a:schneider-electric:citect_anywhere:1.0
Schneider-Electric » Powerscada Anywhere » Version: 1.0

cpe:2.3:a:schneider-electric:powerscada_anywhere:1.0
Schneider-Electric » Powerscada Expert » Version: 8.1

cpe:2.3:a:schneider-electric:powerscada_expert:8.1
Schneider-Electric » Powerscada Expert » Version: 8.2

cpe:2.3:a:schneider-electric:powerscada_expert:8.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7972

Products

Pricing

Contact Us