CVE-2022-46680

Name of the Vulnerable Software and Affected Versions Schneider Electric PowerLogic ION9000 versions (affected versions not specified) Schneider Electric PowerLogic ION7400 versions (affected versions not specified) Schneider Electric PowerLogic PM8000 versions (affected versions not specified) Schneider Electric PowerLogic ION8650 versions (affected versions not specified) Schneider Electric PowerLogic ION8800 versions (affected versions not specified)

Description A vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic. This issue is related to the transmission of sensitive information in cleartext.

Recommendations For Schneider Electric PowerLogic ION9000, consider implementing encryption for sensitive data transmission until a patch is available. For Schneider Electric PowerLogic ION7400, restrict access to sensitive information to minimize the risk of exploitation. For Schneider Electric PowerLogic PM8000, avoid transmitting sensitive information over unsecured networks until the issue is resolved. For Schneider Electric PowerLogic ION8650, disable any features that transmit sensitive information in cleartext as a temporary workaround. For Schneider Electric PowerLogic ION8800, apply configuration changes to secure data transmission, such as enabling encryption, until a fix is available.