VDB
CVE-2022-30232
CVE-2022-30232
PUBLISHED
CVSS 8 HIGH
A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code execution when an attacker is able to intercept and modify a request on the same network or has configuration access to an ION device on the network. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior)
EPSS 1.07% · 78.1th percentile
Risk Scores
CVSS 3.1
8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
1.07%
78.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| schneider-electric | powerlogic_ion_setup_firmware | 0 |
| Schneider Electric | Power Logic ION Setup | All |
Exploit Intelligence
Timeline
- May 10, 2022 CVE Published
- Jun 3, 2022 EPSS Score
- Jun 14, 2022 EPSS Score
- Jul 22, 2022 EPSS Score
- Aug 22, 2022 CVE Updated
- Sep 9, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 15, 2022 EPSS Score
- Feb 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 9, 2023 EPSS Score
- Jun 27, 2023 EPSS Score
References
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-130-01_PowerLogic_ION_Setup_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-130-01 advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-130-02_Saitel_DP_RTU_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-130-02 advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V7.0.pdf&p_Doc_Ref=SEVD-2021-313-05 advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-130-03_WiserSmart_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-130-03 advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-313-03_APC_NMC_Security_Notification_V2.0.pdf&p_Doc_Ref=SEVD-2021-313-03 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-067-02_APC-Smart-UPS_Security_Notification_V6.0.pdf advisory
- https://www.se.com/ww/en/download/document/SEVD-2022-130-01/ url
- https://nvd.nist.gov/vuln/detail/CVE-2022-30232 advisory
- https://www.se.com/ww/en/download/document/SEVD-2022-130-01 url