Schneider Electric Easergy Builder Sensitive Information Plaintext Storage Vulnerability (CNVD-2020-46566)

The Schneider Electric Easergy Builder is used by expert engineering teams to configure the T300 grid automation platform. Schneider Electric Easergy Builder 1.4.7.2 and earlier versions contain a sensitive information plaintext storage vulnerability that can be exploited by an attacker to access...

Easergy Builder Weak Password Requirement Vulnerability

Schneider Electric Easergy Builder is a set of configuration software for Easergy remote terminal units and controllers from Schneider Electric, France. A security vulnerability exists in Schneider Electric Easergy Builder version 1.4.7.2 and prior versions. An attacker could exploit the...

Schneider Electric Easergy Builder Cryptographic Algorithm Vulnerability

The Schneider Electric Easergy Builder is used by expert engineering teams to configure the T300 grid automation platform. A cryptographic algorithm vulnerability exists in Schneider Electric Easergy Builder version 1.4.7.2 and earlier, which stems from a broken cryptographic algorithm used, and...

Schneider Electric Easergy Builder Sensitive Information Plaintext Storage Vulnerability

The Schneider Electric Easergy Builder is used by expert engineering teams to configure the T300 grid automation platform. Schneider Electric Easergy Builder 1.4.7.2 and earlier versions contain a sensitive information plaintext storage vulnerability that can be exploited by an attacker to read...

Schneider Electric Easergy Builder Input Validation Error Vulnerability

The Schneider Electric Easergy Builder is used by expert engineering teams to configure the T300 grid automation platform. An input validation error vulnerability exists in Schneider Electric Easergy Builder version 1.4.7.2 and earlier versions, which can be exploited by an attacker to modify...

CVE-2020-7519

A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...

CVE-2020-7516

A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker access to login credentials...

CVE-2020-7519

A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...

CVE-2020-7518

A CWE-20: Improper input validation vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to modify project configuration files...

Input validation

A CWE-20: Improper input validation vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to modify project configuration files...

Command injection

A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to read user credentials...

Design/Logic Flaw

A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...

CVE-2020-7519

A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...

CVE-2020-7517

A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to read user credentials...

CVE-2020-7517

Affected software: Easergy Builder (versions 1.4.7.2 and older). Vulnerability type: CWE-312 Cleartext Storage of Sensitive Information. Root cause / impact: The product stores sensitive information in plaintext, enabling an attacker with local access to read user credentials. The CVE entry expli...

CVE-2020-7514

Schneider Electric Easergy Builder (versions ≤ 1.4.7.2) contains a CWE-327 vulnerability due to use of a broken or risky cryptographic algorithm. This could allow an attacker to access the device’s authorization credentials and gain full access. The affected component is Easergy Builder; root cau...