VDB
SEVD-2022-130-03
SEVD-2022-130-03
PUBLISHED
CVSS 9.399999618530273 CRITICAL
Schneider Electric is aware of multiple vulnerabilities in its Wiser Smart products. The Wiser Smart [EER21000 and EER21001] products is a home automation system which reports your energy consumption and controls the most energy consuming devices. Failure to apply the mitigations provided below may risk root level access attack, which could result in execution of arbitrary code.
Risk Scores
CVSS v3.1
9.399999618530273
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric Wiser Smart version 4.5 and prior | ||
| Schneider Electric Wiser Smart versions 4.5 and prior |
Timeline
- May 10, 2022 CVE Published
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-130-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2022-130-03.json advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-130-03_WiserSmart_Security_Notification.pdf advisory
- https://www.se.com/us/en/download/document/7EN52-0390/ url