CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Schneider-Electric: >> Ion8650 Firmware Security Vulnerabilities

CVE-2023-5984

A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified firmware to be uploaded when an authorized admin user begins a firmware update procedure which could result in full control over the device.

CVSS Score

7.2

EPSS Score

0.0

Published

2023-11-15

CVE-2023-5985

A CWE-79 Improper Neutralization of Input During Web Page Generation vulnerability exists that could cause compromise of a user’s browser when an attacker with admin privileges has modified system values.

CVSS Score

4.8

EPSS Score

0.001

Published

2023-11-15

Page 1

Vulnerabilities

Vulnerable Software

Schneider-Electric: >> Ion8650 Firmware Security Vulnerabilities

Products

Pricing

Contact Us