Vulnerabilities > CVE-2022-34754 - Unspecified vulnerability in Schneider-Electric products
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH low complexity
schneider-electric
Summary
A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C (A9XELC10-A) (V1.7.5 and prior), Acti9 PowerTag Link C (A9XELC10-B) (V2.12.0 and prior)
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Hardware | 2 |
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-03_Acti9_PowerTag_Link_C_Security_Notification.pdf
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-03_Acti9_PowerTag_Link_C_Security_Notification.pdf