VDB
CVE-2022-2329
CVE-2022-2329
PUBLISHED
CVSS 9.800000190734863 CRITICAL
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
EPSS 3.83% · 88.3th percentile
Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
3.83%
88.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric | IGSS Data Server (IGSSdataServer.exe) | * |
| schneider-electric | interactive_graphical_scada_system | 0 |
| Schneider Electric | N/A |
Timeline
- Jul 12, 2022 CVE Published
- Aug 22, 2022 CVE Updated
- Feb 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 22, 2023 EPSS Score
- Jun 1, 2023 EPSS Score
- Jul 11, 2023 EPSS Score
- Sep 29, 2023 EPSS Score
- Nov 8, 2023 EPSS Score
- Dec 19, 2023 EPSS Score
- Mar 8, 2024 EPSS Score
- Apr 17, 2024 EPSS Score
References
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-102-01_IGSS_Security_Notification_V2.0.pdf url
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-194-01_EcoStruxure_Control_Expert_Process_Expert_SCADAPack_RemoteConnect_Modicon_M580_M340_V4.0.pdf advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-02_SpaceLogic-C-Bus-Home-Controller-Wiser_MK2_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules_Security_Notification_V3.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-03_Acti9_PowerTag_Link_C_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-011-06_CODESYSV3_Runtime_Development_System_and_Gateway_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-257-01_EcoStruxure_Control_Expert_EcoStruxure_Process_Expert_SCADAPack_Security_Notification_V3.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-067-02_APC-Smart-UPS_Security_Notification_V6.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-04_Easergy_P5_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-222-02_AT%26T_Labs-XMILX_DEMILL_Eco_Struxure_Control_ExpertEco_Struxure_Process_Expert_SCADA_Pack_RemoteConnect_x70_Security_Notification_V4.0.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-2329 advisory