Risk Scores
CVSS v3.1
7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.21%
43.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| schneider-electric | pro-face_blue | 0, 3.3, 3.3 |
| Schneider Electric | EcoStruxure Operator Terminal Expert | V3.3 |
| Schneider Electric | Pro-face BLUE | V3.3 |
| schneider-electric | ecostruxure_operator_terminal_expert | 3.3, 3.3, 0 |
Timeline
- Nov 4, 2022 CVE Published
- Nov 5, 2022 EPSS Score
- Nov 9, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Jan 29, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 13, 2023 EPSS Score
- Apr 24, 2023 EPSS Score
- Jun 6, 2023 EPSS Score
- Aug 30, 2023 EPSS Score
- Oct 12, 2023 EPSS Score
- Nov 23, 2023 EPSS Score
References
- https://www.se.com/ww/en/download/document/SEVD-2022-284-01/ url
- https://nvd.nist.gov/vuln/detail/CVE-2022-41671 advisory
- https://www.se.com/ww/en/download/document/SEVD-2022-284-01 url
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-284-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-284-01_EcoStruxure_Operator_Terminal_Expert_and_Pro-face_BLUE_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-284-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-284-04-EcoStruxure_Power_Operation_and_EcoStruxure_Power_SCADA.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-284-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-284-03-SAGE_RTU_ISaGraf_Workbench_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-284-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-284-02-EcoStruxure_Panel_Server_Box_PAS900_Security_Notification.pdf advisory