HIGH🇵🇱 Wersja polska

CVE-2021-22705

CVSS 7.8v3.1pub. 2021-05-26upd. 2024-11-21

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly with a driver installed by Vijeo Designer or EcoStruxure Machine Expert

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Schneider Electric Ecostruxure Machine Expert

    APP
    Schneider-Electric
    < 2.0
  • Schneider Electric Harmony Gk

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Harmony Gto

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Harmony Gtu

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Harmony Gtux

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Harmony Hmiscu

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Harmony Sto

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Harmony Stu

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Vijeo Designer

    APP
    Schneider-Electric
    < 6.2.11
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2021-22704CRITICAL9.1ten sam produkt

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Prod...

CVE-2020-7487CRITICAL9.8ten sam produkt

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker ...

CVE-2020-7489CRITICAL9.8ten sam produkt

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') v...

CVE-2024-8306HIGH7.8ten sam produkt

CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of conf...

CVE-2021-22817HIGH7.8ten sam produkt

A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base...