Vulnerability Details CVE-2022-34758
A CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. Affected Products: Easergy P5 (V01.401.102 and prior)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.9%
CVSS Severity
CVSS v3 Score 5.1
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-04_Easergy_P5_Security_Notification.pdf
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-04_Easergy_P5_Security_Notification.pdf
Products affected by CVE-2022-34758
-
cpe:2.3:h:schneider-electric:easergy_p5:-
-
cpe:2.3:o:schneider-electric:easergy_p5_firmware:01.401.101
-
cpe:2.3:o:schneider-electric:easergy_p5_firmware:01.401.102