Schneider Electric C-Bus Toolkit vulnerabilities
3 known vulnerabilities affecting schneider_electric/c-bus_toolkit.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-5399CRITICALCVSS 9.8vv1.16.3 and prior 2023-10-04
CVE-2023-5399 [CRITICAL] CWE-22 CVE-2023-5399:
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path
Traversal') vulner
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path
Traversal') vulnerability exists that could cause tampering of files on the personal computer
running C-Bus when using the File Command.
cvelistv5nvd
CVE-2023-5402CRITICALCVSS 9.8vv1.16.3 and prior 2023-10-04
CVE-2023-5402 [CRITICAL] CWE-269 CVE-2023-5402:
A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote
code exec
A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote
code execution when the transfer command is used over the network.
cvelistv5nvd
CVE-2021-22716HIGHCVSS 7.8≥ V, < 1.15.92021-04-13
CVE-2021-22716 [HIGH] CWE-732 CVE-2021-22716: A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could all
A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit (V1.15.9 and prior)
cvelistv5nvd