VDB
SEVD-2022-011-07
SEVD-2022-011-07
PUBLISHED
CVSS 5 MEDIUM
Schneider Electric is aware of multiple vulnerabilities in its EcoStruxure™ Power Monitoring Expert product (PME). EcoStruxure Power Monitoring Expert is on-premise software used to help power-critical and energy-intensive facilities maximize uptime and operational efficiency. Failure to apply the remediation provided below may risk loss of data confidentiality, data integrity issues, or a loss of access to the server.
Risk Scores
CVSS 3.1
5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric EcoStruxure Power Monitoring Exper 2021 | ||
| Schneider Electric EcoStruxure Power Monitoring Exper <=9.0 | ||
| Schneider Electric EcoStruxure Power Monitoring Exper 2020 CU3 | ||
| Schneider Electric EcoStruxure Power Monitoring Exper <=2020 |
Exploit Intelligence
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-011-07_EcoStruxure_Power_Monitoring_Expert_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-011-07&_ga=2.264993807.1277613497.1664186063-1964063624.1663165410 (circl)
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-07&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2022-011-07.json (circl)
- https://www.se.com/us/en/download/document/7EN52-0390/ (circl)
- https://schneider-electric.app.box.com/folder/152201039971?s=dwbjm0bp3850ek95zyinv6g7nqjj86fm (circl)
Timeline
- Jan 11, 2022 CVE Published
References
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-011-07_EcoStruxure_Power_Monitoring_Expert_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-011-07&_ga=2.264993807.1277613497.1664186063-1964063624.1663165410 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-07&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2022-011-07.json advisory
- https://www.se.com/us/en/download/document/7EN52-0390/ advisory
- https://schneider-electric.app.box.com/folder/152201039971?s=dwbjm0bp3850ek95zyinv6g7nqjj86fm fix