Vulnerabilities > CVE-2024-0865 - Unspecified vulnerability in Schneider-Electric Ecostruxure IT Gateway

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2024-06-12

Updated: 2024-11-21

Summary

CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user.

Part	Description	Count
Application	Schneider-Electric Schneider Electric Ecostruxure IT Gateway - Schneider Electric Ecostruxure IT Gateway 1.5.0.66 Schneider Electric Ecostruxure IT Gateway 1.5.1.30 Schneider Electric Ecostruxure IT Gateway 1.5.2.28 Schneider Electric Ecostruxure IT Gateway 1.6.0.39 Schneider Electric Ecostruxure IT Gateway 1.6.1.9 Schneider Electric Ecostruxure IT Gateway 1.6.2.14 Schneider Electric Ecostruxure IT Gateway 1.7.0.64	8