CVE-2022-45789

🗓️ 31 Jan 2023 00:00:00Reported by schneiderType

Authentication Bypass by Capture-replay vulnerability in Modbus controller

Reporter	Title	Published	Views	Family All 17
ATTACKERKB	CVE-2022-45789	31 Jan 202306:15	–	attackerkb
BDU FSTEC	The vulnerability of the EcoStruxure Process Expert automation system, related to bypassing the authentication process, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.	31 Jan 202300:00	–	bdu_fstec
Circl	CVE-2022-45789	31 Jan 202312:38	–	circl
CNNVD	Schneider Electric EcoStruxure Control Expert 安全漏洞	31 Jan 202300:00	–	cnnvd
CVE	CVE-2022-45789	31 Jan 202300:00	–	cve
EUVD	EUVD-2022-48645	3 Oct 202520:07	–	euvd
ICS	Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU (Update A)	10 Jan 202300:00	–	ics
NCSC	Vulnerabilities fixed in Schneider Electric EcoStruxure and Modicon products	31 Jan 202300:00	–	ncsc
NVD	CVE-2022-45789	31 Jan 202306:15	–	nvd
OSV	CVE-2022-45789	31 Jan 202306:15	–	osv

[
  {
    "defaultStatus": "unaffected",
    "product": "EcoStruxure Control Expert ",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EcoStruxure Process Expert",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Modicon M340 CPU (part numbers BMXP34*)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

09 Aug 2023 13:48Current

9.6High risk

Vulners AI Score9.6

CVSS 3.18.1

EPSS0.01443

CWE-294