VDB

SEVD-2021-159-02

SEVD-2021-159-02 PUBLISHED CVSS 8.100000381469727 HIGH

Overview Schneider Electric is aware of a vulnerability in its PowerLogic PM55xx and PowerLogic PM8ECC products. The PowerLogic PM55xx products are power metering devices. The PowerLogic PM8ECC product is an ethernet communication module. Failure to apply the mitigations or remediations provided below may risk elevation of privileges, which could result in loss of control of the affected device.

Risk Scores

CVSS v3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Schneider Electric PowerLogic PM5561 Versions prior to v10.7.3
Schneider Electric PowerLogic PM5562 Versions prior to v4.3.5
Schneider Electric PowerLogic PM5561 v10.7.3
Schneider Electric PowerLogic PM5562 v2.5.4 and prior
Schneider Electric PowerLogic PM5563 Versions prior to v2.7.8
Schneider Electric PowerLogic PM8ECC All Versions
Schneider Electric PowerLogic PM5560 Versions prior to v2.7.8
Schneider Electric PowerLogic PM5560 v2.8.3
Schneider Electric PowerLogic PM5562 v4.3.5
Schneider Electric PowerLogic PM5563 v2.8.3

Timeline

  • Jun 8, 2021 CVE Published
  • Nov 12, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›