Improper Input Validation Vulnerability in Easergy P5 by Schneider Electric
CVE-2022-34758

5.1MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Easergy P5
Vendor: CVE Published:; 13 July 2022

Summary

An improper input validation vulnerability exists in Schneider Electric's Easergy P5, which could potentially allow an attacker with privileged user credentials to disable the device's watchdog function. This may lead to system instability and unauthorized access, effectively compromising the device's operation. Users are encouraged to review security notices and take necessary precautions to mitigate any potential risks associated with this vulnerability.

Affected Version(s)

Easergy P5 Firmware

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

x_refsource_MISC

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 13, 2022
Vulnerability Reserved
Jun 28, 2022