PT-2021-15202 · Schneider Electric · Powerlogic Egx100+3
Published
2021-06-11
·
Updated
2026-05-29
·
CVE-2021-22764
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
PowerLogic PM55xx (affected versions not specified)
PowerLogic PM8ECC (affected versions not specified)
PowerLogic EGX100 (affected versions not specified)
PowerLogic EGX300 (affected versions not specified)
Description
A CWE-287: Improper Authentication issue exists that could cause loss of connectivity to the device via Modbus TCP protocol when an attacker sends a specially crafted HTTP request.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Powerlogic Egx100
Powerlogic Egx300
Powerlogic Pm55Xx
Powerlogic Pm8Ecc