A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC (Versions prior to V2.1.0), EcoStruxure Machine Expert – HVAC (Versions prior to V1.4.0)
References
Configurations
Configuration 1 (hide)
|
History
07 Feb 2023, 17:34
Type | Values Removed | Values Added |
---|---|---|
First Time |
Schneider-electric
Schneider-electric somachine Hvac Schneider-electric ecostruxure Machine Expert - Hvac |
|
CPE | cpe:2.3:a:schneider-electric:ecostruxure_machine_expert_-_hvac:*:*:*:*:*:*:*:* cpe:2.3:a:schneider-electric:somachine_hvac:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-01_EcoStruxure_Machine_Expert_Machine_HVAC_Security_Notification.pdf - Release Notes, Vendor Advisory |
03 Feb 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC (Versions prior to V2.1.0), EcoStruxure Machine Expert – HVAC (Versions prior to V1.4.0) |
30 Jan 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-30 11:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-2988
Mitre link : CVE-2022-2988
CVE.ORG link : CVE-2022-2988
JSON object : View
Products Affected
schneider-electric
- somachine_hvac
- ecostruxure_machine_expert_-_hvac
CWE
CWE-787
Out-of-bounds Write