Open Redirect Vulnerability in Schneider Electric’s Products
CVE-2023-5629

8.2HIGH

Key Information:

Vendor: Schneider Electric
Status: Trio Q-Series Ethernet Data Radio; Trio E-Series Ethernet Data Radio; Trio J-Series Ethernet Data Radio
Vendor: CVE Published:; 14 December 2023

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2023-5629?

A vulnerability related to open redirect has been identified in certain products by Schneider Electric, potentially allowing attackers to redirect users to untrusted sites. This could facilitate phishing attacks and lead to the unauthorized disclosure of sensitive information. Users are advised to review security notices and implement necessary safeguards to protect against such threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Trio E-Series Ethernet Data Radio All versions of models ER45e, EB45e, EH45e

Trio J-Series Ethernet Data Radio All Versions

Trio Q-Series Ethernet Data Radio Versions prior to 2.7.0

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 14, 2023
Vulnerability Reserved
Oct 18, 2023

JSON

Schneider Electric