Schneider Electric · Easergy T300 · CVE-2020-28216
**Name of the Vulnerable Software and Affected Versions**
Easergy T300 versions 2.7 and older
**Description**
The issue is related to the lack of encryption for sensitive data in the firmware of the Easergy T300 RTU. This could allow a remote attacker to gain unauthorized access to network traffic over the HTTP protocol. The vulnerability may enable an attacker to read network traffic, potentially leading to further security issues.
**Recommendations**
For versions 2.7 and older, update the firmware to a version that includes encryption for sensitive data to prevent unauthorized access to network traffic.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.