1. EXECUTIVE SUMMARY
- CVSS v4 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Schneider Electric
- Equipment: EcoStruxure IT Gateway
- Vulnerability: Missing Authorization
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow unauthorized access.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Schneider Electric reports that the following versions of EcoStruxure IT Gateway are affected:
- EcoStruxure IT Gateway: 1.21.0.6
- EcoStruxure IT Gateway: 1.22.0.3
- EcoStruxure IT Gateway: 1.22.1.5
- EcoStruxure IT Gateway: 1.23.0.4
This article has been indexed from All CISA Advisories
Read the original article: