Vulnerabilities > CVE-2022-32530 - Exposure of Resource to Wrong Sphere vulnerability in Schneider-Electric GEO Scada Mobile 2020

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

schneider-electric

CWE-668

NVD

Published: 2022-06-24

Updated: 2022-07-06

Summary

A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile (Build 222 and prior)

Vulnerable Configurations

Part	Description	Count
Application	Schneider-Electric Schneider Electric GEO Scada Mobile * Schneider Electric GEO Scada Mobile 2020	3

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-02_Geo_SCADA_Android_App_Security_Notification.pdf