Buffer Overflow Vulnerability in Easergy P5 by Schneider Electric
CVE-2022-22723

8.8HIGH

Key Information:

Vendor: Schneider Electric
Status: Easergy P5 (all Firmware Versions Prior To V01.401.101)
Vendor: CVE Published:; 4 February 2022

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2022-22723?

A buffer overflow vulnerability exists in the Easergy P5, impacting firmware versions before V01.401.101. This vulnerability arises from improper handling of input sizes, allowing attackers to send specially crafted packets over the network. As a consequence, this can lead to program crashes or even arbitrary code execution, potentially compromising the integrity of protection and tripping functions conducted via GOOSE protocol. Users are encouraged to update to the latest firmware to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Easergy P5 (All firmware prior to V01.401.101) Easergy P5 (All firmware versions prior to V01.401.101)

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 4, 2022
Vulnerability Reserved
Jan 6, 2022

JSON

Schneider Electric

What is CVE-2022-22723?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.