CVE Published: 09/03/2022 |
CVE Updated: 03/08/2024 |
CVE Year: 2022 Source: schneider |
Vendor: Schneider Electric |
Product: EcoStruxure Process Expert Status : PUBLISHED
CVE-2022-24323 Description
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior)
Metrics
CVSS Version: 3.1 |
Base Score: 5.3 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H