Improper Authentication Vulnerability in C-Bus Toolkit and C-Gate Server by Schneider Electric
CVE-2021-22796
7.8HIGH
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 11 February 2022
What is CVE-2021-22796?
This vulnerability involves improper authentication mechanisms in the C-Bus Toolkit and C-Gate Server, potentially allowing an attacker to upload malicious files. If exploited, it may lead to unauthorized remote code execution, compromising the integrity and security of the affected systems. Users are encouraged to update their systems to the latest versions to mitigate this risk.
Affected Version(s)
C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior) C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)