A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain control of the device when the attacker brute forces the password. Affected Products: C-Bus Network Automation Controller - LSS5500NAC (Versions prior to V1.10.0), Wiser for C-Bus Automation Controller - LSS5500SHAC (Versions prior to V1.10.0), Clipsal C-Bus Network Automation Controller - 5500NAC (Versions prior to V1.10.0), Clipsal Wiser for C-Bus Automation Controller - 5500SHAC (Versions prior to V1.10.0), SpaceLogic C-Bus Network Automation Controller - 5500NAC2 (Versions prior to V1.10.0), SpaceLogic C-Bus Application Controller - 5500AC2 (Versions prior to V1.10.0)
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
History
08 Feb 2023, 16:56
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:schneider-electric:5500ac2:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:5500nac2:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:lss5500shac_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:5500shac:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:lss5500nac_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:5500nac2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:5500nac:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:lss5500nac:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:lss5500shac:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:5500shac_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:5500nac_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:5500ac2_firmware:*:*:*:*:*:*:*:* |
|
| References | (MISC) https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-06_C-Bus_Home_Automation_Products_Security_Notification.pdf - Patch, Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| First Time |
Schneider-electric
Schneider-electric 5500nac Schneider-electric lss5500shac Schneider-electric lss5500nac Firmware Schneider-electric 5500shac Firmware Schneider-electric 5500shac Schneider-electric 5500nac2 Schneider-electric 5500ac2 Firmware Schneider-electric 5500nac Firmware Schneider-electric 5500nac2 Firmware Schneider-electric 5500ac2 Schneider-electric lss5500nac Schneider-electric lss5500shac Firmware |
30 Jan 2023, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-01-30 23:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-32513
Mitre link : CVE-2022-32513
CVE.ORG link : CVE-2022-32513
JSON object : View
Products Affected
schneider-electric
- 5500shac_firmware
- 5500ac2_firmware
- 5500shac
- lss5500shac
- lss5500shac_firmware
- 5500nac_firmware
- 5500nac
- lss5500nac
- 5500nac2_firmware
- lss5500nac_firmware
- 5500ac2
- 5500nac2
CWE
CWE-521
Weak Password Requirements