Missing Authorization Vulnerability in Easergy T300 by Schneider Electric
CVE-2020-28215
9.8CRITICAL
What is CVE-2020-28215?
The Easergy T300 device by Schneider Electric is affected by a missing authorization vulnerability that arises from inadequate access control checks. This oversight can lead to various security issues, including unauthorized information exposure, denial of service incidents, and the potential for arbitrary code execution. Organizations using firmware versions 2.7 and older should prioritize security measures to mitigate the risks associated with this vulnerability.
Affected Version(s)
Easergy T300 (firmware 2.7 and older) Easergy T300 (firmware 2.7 and older)