Uncontrolled Resource Consumption Vulnerability in Easergy T300 by Schneider Electric
CVE-2020-7507

7.5HIGH

Key Information:

Vendor: Schneider Electric
Status: Easergy T300 (firmware Version 1.5.2 And Older)
Vendor: CVE Published:; 16 June 2020

Summary

An uncontrolled resource consumption vulnerability exists in Schneider Electric's Easergy T300 product. This flaw allows an attacker to repeatedly initiate login attempts, which can lead to a denial of service. If exploited, the vulnerability may disrupt the normal functioning of the Easergy T300, impacting overall system availability and security. Proper remediation is essential to safeguard against malicious exploitation of this vulnerability.

Affected Version(s)

Easergy T300 (Firmware version 1.5.2 and older) Easergy T300 (Firmware version 1.5.2 and older)

References

https://www.se.com/ww/en/download/document/SEVD-2020-161-04

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 16, 2020
Vulnerability Reserved
Jan 21, 2020