CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-34755

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a valid user. Affected Products: Easergy Builder Installer (1.7.23 and prior)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.7%

CVSS Severity

CVSS v3 Score 6.3

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf

Products affected by CVE-2022-34755

Schneider-Electric » Easergy Builder Installer » Version: Any

cpe:2.3:a:schneider-electric:easergy_builder_installer:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-34755

Products

Pricing

Contact Us