Schneider Electric Ecostruxure It Gateway vulnerabilities

2 known vulnerabilities affecting schneider_electric/ecostruxure_it_gateway.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL1HIGH1

Vulnerabilities

Page 1 of 1

CVE-2024-10575CRITICALCVSS 10.0vVersion 1.21.0.6vVersion 1.22.0.3+2 more2024-11-13

CVE-2024-10575 [CRITICAL] CWE-862 CVE-2024-10575: CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enable CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices.

CVE-2024-0865HIGHCVSS 7.8v1.20.x and prior2024-06-12

CVE-2024-0865 [HIGH] CWE-798 CVE-2024-0865: CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalat CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user.