201 matches found
PT-2023-7005 · Schneider Electric · Schneider Electric Powerlogic Ion8650 +1
Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic ION8650, ION8800 affected versions not specified Description: A Download of Code Without Integrity Check issue exists, allowing modified firmware to be uploaded during a firmware update procedure initiated by an...
PT-2023-7004 · Schneider Electric · Schneider Electric Powerlogic Ion8650 +1
Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic ION8650, PowerLogic ION8800 affected versions not specified Description: The issue is related to improper neutralization of input during web page generation, which could lead to compromise of a user's browser. An...
Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...
The vulnerability of microprogrammed software for power measuring instruments and energy counters from Schneider Electric’s PowerLogic ION9000, PowerLogic ION7400, PowerLogic PM8000, PowerLogic ION8650, and PowerLogic ION8800 lies in the transmission of data in an open manner, allowing attackers to gain unauthorized access to protected information.
The vulnerability of microprogrammed software for power measurement instruments and energy counters from Schneider Electric’s PowerLogic ION9000, PowerLogic ION7400, PowerLogic PM8000, PowerLogic ION8650, and PowerLogic ION8800 lies in the transmission of data in an open manner. Exploiting this...
Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters Cleartext Transmission of Sensitive Information (CVE-2022-46680)
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic. This plugin only works with Tenable.ot. Please visit...
Schneider Electric PowerLogic 安全漏洞
Schneider Electric PowerLogic is an industrial control device from Schneider Electric, France. Provides increased power factor to improve power quality and troubleshoot power failures to protect networks, devices, and operators. A security vulnerability exists in the Schneider Electric PowerLogic...
PT-2023-3317 · Schneider Electric · Powerlogic Ion7400 +4
Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic ION9000 versions affected versions not specified Schneider Electric PowerLogic ION7400 versions affected versions not specified Schneider Electric PowerLogic PM8000 versions affected versions not specified...
Vulnerability fixed in Schneider Electric PowerLogic
Schneider Electric has fixed a vulnerability in PowerLogic HDPM6000. A malicious party could exploit the vulnerability to cause a denial-of-service DoS, or possibly to execute arbitrary execute arbitrary code on the vulnerable system, by sending specially prepared Ethernet packets. To send the...
Schneider Electric PowerLogic 输入验证错误漏洞
Schneider Electric PowerLogic is an industrial control device from Schneider Electric, France. Provides increased power factor to improve power quality and troubleshoot power failures to protect networks, devices, and operators. An input validation error vulnerability exists in Schneider Electric...
VulnCheck KEV: CVE-2021-22713
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 see security notifcation for affected versions, which could cause the meter to reboot...
Schneider Electric PowerLogic Improper Input Validation (CVE-2021-22765)
UNSUPPORTED WHEN ASSIGNED A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service or remote code execution via a specially crafted HTTP packet. This plugin only works with...
Schneider Electric PowerLogic Improper Input Validation (CVE-2021-22768)
UNSUPPORTED WHEN ASSIGNED A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from...
Schneider Electric PowerLogic Improper Input Validation (CVE-2021-22766)
UNSUPPORTED WHEN ASSIGNED A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service via a specially crafted HTTP packet. This plugin only works with Tenable.ot. Please visit...
The vulnerability of the microprogrammed software of the multi-environmental electrical voltage measuring instrument PowerLogic HDPM6000, related to unverified array indexing, allows a intruder to execute arbitrary code.
The vulnerability of the microprogrammed software of the PowerLogic HDPM6000 electrical voltage measuring instrument is related to unverified array indexing. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by sending a specially crafted Ethernet request...
Schneider Electric PowerLogic Cleartext Transmission of Sensitive Information (CVE-2021-22703)
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause disclosure of user credentials when a malicious actor intercepts HTT...
Schneider Electric PowerLogic Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-22714)
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution. - A CWE-119:Improper restriction of operations...
Schneider Electric PowerLogic Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-22713)
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 see security notifcation for affected versions, which could cause the meter to reboot. This plugin only works wi...
Schneider Electric PowerLogic Cleartext Transmission of Sensitive Information (CVE-2021-22702)
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause disclosure of user credentials when a malicious actor...
Schneider Electric PowerLogic Cross-Site Request Forgery (CVE-2021-22701)
A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause a user to perform an unintended action on the target device when using the HTTP web...
Schneider Electric PowerLogic ION Setup 输入验证错误漏洞
Schneider Electric PowerLogic ION Setup is a free, user-friendly configuration tool from Schneider Electric France. It provides an intuitive environment for setting up and verifying the settings of PowerLogic meters and other devices. An input validation error vulnerability exists in Schneider...