PT-2022-3587 · Schneider Electric · Ecostruxure Control Expert+2
Published
2022-04-14
·
Updated
2024-08-03
·
CVE-2022-26507
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
EcoStruxure Control Expert (affected versions not specified)
EcoStruxure Process Expert (affected versions not specified)
SCADAPack RemoteConnect (affected versions not specified)
Description
The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to execute arbitrary code.
Recommendations
For EcoStruxure Control Expert, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For EcoStruxure Process Expert, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For SCADAPack RemoteConnect, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ecostruxure Control Expert
Ecostruxure Process Expert
Scadapack Remoteconnect