Lucene search
K

201 matches found

Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.5 views

PT-2023-7005 · Schneider Electric · Schneider Electric Powerlogic Ion8650 +1

Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic ION8650, ION8800 affected versions not specified Description: A Download of Code Without Integrity Check issue exists, allowing modified firmware to be uploaded during a firmware update procedure initiated by an...

8.3CVSS5.2AI score0.00306EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.6 views

PT-2023-7004 · Schneider Electric · Schneider Electric Powerlogic Ion8650 +1

Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic ION8650, PowerLogic ION8800 affected versions not specified Description: The issue is related to improper neutralization of input during web page generation, which could lead to compromise of a user's browser. An...

4.8CVSS4.8AI score0.00399EPSS
Exploits0References5
ICS
ICS
added 2023/08/17 6:0 a.m.41 views

Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...

9.8CVSS10AI score0.00379EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/06/28 12:0 a.m.6 views

The vulnerability of microprogrammed software for power measuring instruments and energy counters from Schneider Electric’s PowerLogic ION9000, PowerLogic ION7400, PowerLogic PM8000, PowerLogic ION8650, and PowerLogic ION8800 lies in the transmission of data in an open manner, allowing attackers to gain unauthorized access to protected information.

The vulnerability of microprogrammed software for power measurement instruments and energy counters from Schneider Electric’s PowerLogic ION9000, PowerLogic ION7400, PowerLogic PM8000, PowerLogic ION8650, and PowerLogic ION8800 lies in the transmission of data in an open manner. Exploiting this...

10CVSS8.1AI score0.00379EPSS
Exploits0References2Affected Software3
Tenable Nessus
Tenable Nessus
added 2023/06/01 12:0 a.m.33 views

Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters Cleartext Transmission of Sensitive Information (CVE-2022-46680)

A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic. This plugin only works with Tenable.ot. Please visit...

9.8CVSS8.7AI score0.00379EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/22 12:0 a.m.6 views

Schneider Electric PowerLogic 安全漏洞

Schneider Electric PowerLogic is an industrial control device from Schneider Electric, France. Provides increased power factor to improve power quality and troubleshoot power failures to protect networks, devices, and operators. A security vulnerability exists in the Schneider Electric PowerLogic...

9.8CVSS8.6AI score0.00379EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.5 views

PT-2023-3317 · Schneider Electric · Powerlogic Ion7400 +4

Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic ION9000 versions affected versions not specified Schneider Electric PowerLogic ION7400 versions affected versions not specified Schneider Electric PowerLogic PM8000 versions affected versions not specified...

10CVSS9.1AI score0.00379EPSS
Exploits0References5
NCSC
NCSC
added 2023/04/20 12:0 a.m.4 views

Vulnerability fixed in Schneider Electric PowerLogic

Schneider Electric has fixed a vulnerability in PowerLogic HDPM6000. A malicious party could exploit the vulnerability to cause a denial-of-service DoS, or possibly to execute arbitrary execute arbitrary code on the vulnerable system, by sending specially prepared Ethernet packets. To send the...

9.8CVSS7.8AI score0.01118EPSS
Exploits0
CNNVD
CNNVD
added 2023/04/18 12:0 a.m.4 views

Schneider Electric PowerLogic 输入验证错误漏洞

Schneider Electric PowerLogic is an industrial control device from Schneider Electric, France. Provides increased power factor to improve power quality and troubleshoot power failures to protect networks, devices, and operators. An input validation error vulnerability exists in Schneider Electric...

9.8CVSS8.7AI score0.01118EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2023/04/11 12:0 a.m.2 views

VulnCheck KEV: CVE-2021-22713

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 see security notifcation for affected versions, which could cause the meter to reboot...

7.8CVSS7.3AI score0.01185EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.23 views

Schneider Electric PowerLogic Improper Input Validation (CVE-2021-22765)

UNSUPPORTED WHEN ASSIGNED A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service or remote code execution via a specially crafted HTTP packet. This plugin only works with...

9.8CVSS9.2AI score0.02708EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.17 views

Schneider Electric PowerLogic Improper Input Validation (CVE-2021-22768)

UNSUPPORTED WHEN ASSIGNED A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from...

9.8CVSS9.1AI score0.02708EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.18 views

Schneider Electric PowerLogic Improper Input Validation (CVE-2021-22766)

UNSUPPORTED WHEN ASSIGNED A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service via a specially crafted HTTP packet. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.4AI score0.01279EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/16 12:0 a.m.6 views

The vulnerability of the microprogrammed software of the multi-environmental electrical voltage measuring instrument PowerLogic HDPM6000, related to unverified array indexing, allows a intruder to execute arbitrary code.

The vulnerability of the microprogrammed software of the PowerLogic HDPM6000 electrical voltage measuring instrument is related to unverified array indexing. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by sending a specially crafted Ethernet request...

10CVSS8.2AI score0.01118EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.29 views

Schneider Electric PowerLogic Cleartext Transmission of Sensitive Information (CVE-2021-22703)

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause disclosure of user credentials when a malicious actor intercepts HTT...

7.5CVSS7.4AI score0.00573EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.33 views

Schneider Electric PowerLogic Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-22714)

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution. - A CWE-119:Improper restriction of operations...

9.8CVSS9AI score0.02428EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.27 views

Schneider Electric PowerLogic Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-22713)

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 see security notifcation for affected versions, which could cause the meter to reboot. This plugin only works wi...

7.8CVSS7.6AI score0.01185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.20 views

Schneider Electric PowerLogic Cleartext Transmission of Sensitive Information (CVE-2021-22702)

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause disclosure of user credentials when a malicious actor...

7.5CVSS7.4AI score0.00566EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.25 views

Schneider Electric PowerLogic Cross-Site Request Forgery (CVE-2021-22701)

A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause a user to perform an unintended action on the target device when using the HTTP web...

6.1CVSS5.2AI score0.00321EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.5 views

Schneider Electric PowerLogic ION Setup 输入验证错误漏洞

Schneider Electric PowerLogic ION Setup is a free, user-friendly configuration tool from Schneider Electric France. It provides an intuitive environment for setting up and verifying the settings of PowerLogic meters and other devices. An input validation error vulnerability exists in Schneider...

6.5CVSS6.5AI score0.00672EPSS
Exploits0References2
Rows per page
Query Builder