VDB

SEVD-2023-129-01

SEVD-2023-129-01 PUBLISHED CVSS 5 MEDIUM

Schneider Electric is aware of a vulnerability in its OPC Factory Server (OFS). OPC Factory Server (OFS) is a standards compliant server application allowing open, real-time access to Schneider Electric automation and electrical distribution devices connected to Ethernet networks or fieldbuses. Failure to apply the remediation provided below may risk exposure of sensitive information, which could cause unauthorized read access to the file system running the OPC Factory Server (OFS).

Risk Scores

CVSS 3.1
5
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Schneider Electric OPC Factory Server (OFS) version 3.63SP2
Schneider Electric OPC Factory Server (OFS) versions prior to 3.63SP2

Timeline

  • May 9, 2023 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›