CVE-2022-24323
published 2022-03-09CVE-2022-24323: A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon…
medium5.9CVSS 3.1
AVNACHPRNUINSUCNIHAN
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior)
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | ecostruxure_control_expert | < 15.0 | 15.0 |
| schneider-electric | ecostruxure_control_expert | — | — |
| schneider-electric | ecostruxure_process_expert | <= 2021 | — |
| schneider_electric | ecostruxure_control_expert | — | — |
| schneider_electric | ecostruxure_process_expert | — | — |