← back
CVE-2022-46680

CVE-2022-46680

CVSS 8.8 HIGHEPSS 0.4%CWE-319
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.8EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 May 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Schneider Electric · Legacy ION productsSchneider Electric · PowerLogic ION7400Schneider Electric · PowerLogic ION8650Schneider Electric · PowerLogic ION8800Schneider Electric · PowerLogic ION9000Schneider Electric · PowerLogic PM8000

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-129-03.pdf