CVE-2021-22714

CWE-119 — Buffer Overflow3 documents3 sources

Severity

9.8CRITICAL

EPSS

2.3%

top 15.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schneider-electric Powerlogic Ion7400 Firmware Schneider-electric Powerlogic Ion9000 Firmware Schneider-electric Powerlogic Pm8000 Firmware

Timeline

PublishedMar 11

Latest updateMay 24

Description

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All versions prior to V3.0.0), which could cause the meter to reboot or allow for remote code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶NVDschneider-electric/powerlogic_pm8000_firmware< 3.0.0

▶NVDschneider-electric/powerlogic_ion7400_firmware< 3.0.0

▶NVDschneider-electric/powerlogic_ion9000_firmware< 3.0.0

🔴Vulnerability Details

GHSA

GHSA-r3vq-3892-g6rc: A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All↗2022-05-24

▶

CVEList

CVE-2021-22714: A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All↗2021-03-11

▶