CVE-2016-5815

Name of the Vulnerable Software and Affected Versions Schneider Electric IONXXXX series power meters versions (affected versions not specified) Schneider Electric ION73XX series power meters versions (affected versions not specified) Schneider Electric ION75XX series power meters versions (affected versions not specified) Schneider Electric ION76XX series power meters versions (affected versions not specified) Schneider Electric ION8650 series power meters versions (affected versions not specified) Schneider Electric ION8800 series power meters versions (affected versions not specified) Schneider Electric PM5XXX series power meters versions (affected versions not specified)

Description The issue is related to the lack of default authentication configuration, allowing unauthorized users to access the device management portal and make configuration changes.

Recommendations For Schneider Electric IONXXXX series power meters, configure authentication to restrict access to the device management portal. For Schneider Electric ION73XX series power meters, configure authentication to restrict access to the device management portal. For Schneider Electric ION75XX series power meters, configure authentication to restrict access to the device management portal. For Schneider Electric ION76XX series power meters, configure authentication to restrict access to the device management portal. For Schneider Electric ION8650 series power meters, configure authentication to restrict access to the device management portal. For Schneider Electric ION8800 series power meters, configure authentication to restrict access to the device management portal. For Schneider Electric PM5XXX series power meters, configure authentication to restrict access to the device management portal.