Brute Force Vulnerability in Schneider Electric Easergy T300 Firmware
CVE-2020-7511

7.5HIGH

Key Information:

Vendor: Schneider Electric
Status: Easergy T300 (firmware Version 1.5.2 And Older)
Vendor: CVE Published:; 16 June 2020

Summary

A vulnerability exists in Schneider Electric's Easergy T300 that stems from the use of a flawed cryptographic algorithm. This issue allows an attacker to exploit the weakness and potentially retrieve passwords by executing a brute force attack. Affected versions, specifically firmware version 1.5.2 and older, need immediate attention to mitigate risks associated with unauthorized access.

Affected Version(s)

Easergy T300 (Firmware version 1.5.2 and older) Easergy T300 (Firmware version 1.5.2 and older)

References

https://www.se.com/ww/en/download/document/SEVD-2020-161-04

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 16, 2020
Vulnerability Reserved
Jan 21, 2020