Vulnerability Details CVE-2022-24319
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA web server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.6%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-05
- https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0018/MNDT-2022-0018.md
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-05
- https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0018/MNDT-2022-0018.md
Products affected by CVE-2022-24319
-
cpe:2.3:a:schneider-electric:clearscada:-
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:-
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7268.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7322.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7429.2
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7457.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7488.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7522.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7545.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7578.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7613.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7641.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7690.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7714.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7742.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7777.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7808.2
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7840.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7875.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7896.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7936.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7980.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8015.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8108.2
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8122.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8155.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8172.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8197.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8220.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8267.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8333.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8369.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:-
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7551.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7578.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7613.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7641.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7692.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7717.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7742.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7787.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7809.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7840.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7875.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7913.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7936.2
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7980.2
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8017.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8108.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8122.2
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8155.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8181.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8197.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8221.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8267.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8332.1
-
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8370.1