← back
CVE-2018-7245

CVE-2018-7245

EPSS 1.3%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.3%KEV nãoPoC Patch
Lifecycle
18 Apr 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to change UPS control and shutdown parameters or other critical settings without authorization.
Affected products
Schneider Electric SE · 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/