CVE-2021-22778
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause protected derived function blocks to be read or modified by unauthorized users when accessing a project file.
Se presenta una vulnerabilidad de credenciales insuficientemente protegidas en EcoStruxure Control Expert (todas las versiones anteriores a V15.0 SP1, incluyéndo todas las versiones de Unity Pro), EcoStruxure Process Expert (todas las versiones, incluyéndo todas las versiones de EcoStruxure Hybrid DCS) y SCADAPack RemoteConnect for x70, todas las versiones, que podría causar una lectura o modificación de bloques de función derivados protegidos por parte de usuarios no autorizados cuando se accede a un archivo de proyecto
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-01-06 CVE Reserved
- 2021-07-14 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-522: Insufficiently Protected Credentials
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01 | 2021-07-26 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Schneider-electric Search vendor "Schneider-electric" | Ecostruxure Control Expert Search vendor "Schneider-electric" for product "Ecostruxure Control Expert" | < 15.0 Search vendor "Schneider-electric" for product "Ecostruxure Control Expert" and version " < 15.0" | - |
Affected
| ||||||
Schneider-electric Search vendor "Schneider-electric" | Ecostruxure Control Expert Search vendor "Schneider-electric" for product "Ecostruxure Control Expert" | 15.0 Search vendor "Schneider-electric" for product "Ecostruxure Control Expert" and version "15.0" | - |
Affected
| ||||||
Schneider-electric Search vendor "Schneider-electric" | Ecostruxure Process Expert Search vendor "Schneider-electric" for product "Ecostruxure Process Expert" | * | - |
Affected
| ||||||
Schneider-electric Search vendor "Schneider-electric" | Remoteconnect Search vendor "Schneider-electric" for product "Remoteconnect" | * | scadapack_x70 |
Affected
|