Information Exposure in Easergy T300 by Schneider Electric
CVE-2021-22770

6.5MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Easergy T300 With Firmware V2.7.1 And Older
Vendor: CVE Published:; 21 July 2021

Summary

An information exposure vulnerability in Easergy T300 allows unauthorized access to sensitive information due to improper safeguarding measures in firmware versions V2.7.1 and older. This flaw can enable malicious actors to acquire confidential data, potentially compromising system integrity and user privacy.

Affected Version(s)

Easergy T300 with firmware V2.7.1 and older Easergy T300 with firmware V2.7.1 and older

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 21, 2021
Vulnerability Reserved
Jan 6, 2021