Schneider-Electric Ecostruxure It Gateway vulnerabilities
3 known vulnerabilities affecting schneider-electric/ecostruxure_it_gateway.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2024-10575CRITICALCVSS 10.0v1.21.0.6v1.22.0.3+2 more2024-11-13
CVE-2024-10575 [CRITICAL] CWE-862 CVE-2024-10575: CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enable
CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on
the network and potentially impacting connected devices.
nvd
CVE-2024-0865HIGHCVSS 7.8fixed in 1.21.02024-06-12
CVE-2024-0865 [HIGH] CWE-798 CVE-2024-0865: CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege
escalat
CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege
escalation when logged in as a non-administrative user.
nvd
CVE-2020-10626HIGHCVSS 7.8≥ 1.5.0.66, ≤ 1.5.2.28≥ 1.6.0.39, ≤ 1.6.2.14+1 more2020-05-14
CVE-2020-10626 [HIGH] CWE-427 CVE-2020-10626: In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code.
nvd