CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24323

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.7%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 4.3

References

Products affected by CVE-2022-24323

Schneider-Electric » Ecostruxure Control Expert » Version: N/A

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:-
Schneider-Electric » Ecostruxure Control Expert » Version: 14.0

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.0
Schneider-Electric » Ecostruxure Control Expert » Version: 14.1

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.1
Schneider-Electric » Ecostruxure Control Expert » Version: 15.0

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.0
Schneider-Electric » Ecostruxure Process Expert » Version: N/A

cpe:2.3:a:schneider-electric:ecostruxure_process_expert:-
Schneider-Electric » Ecostruxure Process Expert » Version: 2020

cpe:2.3:a:schneider-electric:ecostruxure_process_expert:2020
Schneider-Electric » Ecostruxure Process Expert » Version: 2021

cpe:2.3:a:schneider-electric:ecostruxure_process_expert:2021

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24323

Products

Pricing

Contact Us