CVEDB API

CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.8%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2024-0865

Schneider-Electric » Ecostruxure It Gateway » Version: N/A

cpe:2.3:a:schneider-electric:ecostruxure_it_gateway:-
Schneider-Electric » Ecostruxure It Gateway » Version: 1.5.0.66

cpe:2.3:a:schneider-electric:ecostruxure_it_gateway:1.5.0.66
Schneider-Electric » Ecostruxure It Gateway » Version: 1.5.1.30

cpe:2.3:a:schneider-electric:ecostruxure_it_gateway:1.5.1.30
Schneider-Electric » Ecostruxure It Gateway » Version: 1.5.2.28

cpe:2.3:a:schneider-electric:ecostruxure_it_gateway:1.5.2.28
Schneider-Electric » Ecostruxure It Gateway » Version: 1.6.0.39

cpe:2.3:a:schneider-electric:ecostruxure_it_gateway:1.6.0.39
Schneider-Electric » Ecostruxure It Gateway » Version: 1.6.1.9

cpe:2.3:a:schneider-electric:ecostruxure_it_gateway:1.6.1.9
Schneider-Electric » Ecostruxure It Gateway » Version: 1.6.2.14

cpe:2.3:a:schneider-electric:ecostruxure_it_gateway:1.6.2.14
Schneider-Electric » Ecostruxure It Gateway » Version: 1.7.0.64

cpe:2.3:a:schneider-electric:ecostruxure_it_gateway:1.7.0.64