SEVD-2022-039-03 — Vulnetix

SEVD-2022-039-03 PUBLISHED CVSS 7.099999904632568 HIGH

Schneider Electric is aware of multiple vulnerabilities in its Easergy P40 product line. The Easergy P40 is a protection relay series for MV, HV and EHV protection. Failure to apply the mitigation provided below may risk disclosure of device credentials, loss of communications, or an attacker gaining full control of the relay. This could result in loss of protection to your electrical network.

Risk Scores

CVSS v3.1

7.099999904632568

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
	Schneider Electric Easergy P40 Series model numbers with Ethernet option bit as Q, R, S All PX4X firmware versions

Timeline

Feb 8, 2022 CVE Published

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-03&_ga=2.200121902.1298079493.1661373828-967930403.1652192677 advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-03 advisory
https://www.se.com/us/en/download/document/7EN52-0390/ advisory

Open in Interactive Console →