VDB
SEVD-2023-346-03
SEVD-2023-346-03
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Schneider Electric is aware of a vulnerability in its Easy UPS Online Monitoring Software, known as Easy UPS Online Monitoring Software, and Schneider Electric UPS Online Monitoring Software known as Schneider SP Series UPS Online Monitoring Software in China. The Easy UPS Online Monitoring Software is used to configure and manage Easy UPS products. Failure to apply the remediations provided below may risk elevation of privileges which could result in arbitrary file deletion with system privileges.
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric Easy UPS Online Monitoring (Windows 10, 11, Windows Server 2016, 2019, 2022) prior to 2.6-GA-01-23116 | ||
| 2.6 |
Timeline
- Dec 12, 2023 CVE Published
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-346-03.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2023-346-03.json advisory
- https://www.se.com/us/en/download/document/7EN52-0390/ advisory
- https://www.apc.com/us/en/faqs/FAQ000260058/ fix