PT-2021-3890 · Schneider Electric · Powerlogic Ion7400+2

Published

2021-03-09

Updated

2022-02-03

CVE-2021-22714

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions PowerLogic ION7400 versions prior to V3.0.0 PowerLogic PM8000 versions prior to V3.0.0 PowerLogic ION9000 versions prior to V3.0.0

Description The issue is related to a buffer overflow in the memory, which could allow a remote attacker to cause the device to reboot or execute arbitrary code. This is due to an improper restriction of operations within the bounds of a memory buffer.

Recommendations For PowerLogic ION7400 versions prior to V3.0.0, update to version V3.0.0 or later to resolve the issue. For PowerLogic PM8000 versions prior to V3.0.0, update to version V3.0.0 or later to resolve the issue. For PowerLogic ION9000 versions prior to V3.0.0, update to version V3.0.0 or later to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2021-04271

CVE-2021-22714

Affected Products

Powerlogic Ion7400

Powerlogic Ion9000

Powerlogic Pm8000

PT-2021-3890 · Schneider Electric · Powerlogic Ion7400+2

CVE-2021-22714

Weakness Enumeration

Related Identifiers

Affected Products

References · 8