CVE-2023-27975
published 2024-02-14CVE-2023-27975: CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when…
high7.1CVSS 3.1
AVLACLPRLUINSUCHIHAN
CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized
access to the project file in EcoStruxure Control Expert when a local user tampers with the
memory of the engineering workstation.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | ecostruxure_control_expert | < 16.0 | 16.0 |
| schneider-electric | ecostruxure_process_expert | < 2023 | 2023 |
| schneider_electric | ecostruxure_control_expert | — | — |
| schneider_electric | ecostruxure_process_expert | — | — |