2.0.4.1.2131

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

LOW

network

low complexity

schneider-electric

NVD

Published: 2024-06-12

Updated: 2024-08-14

Summary

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impacts are limited to port scanning and fingerprinting activities as well as attempts to perform a potential denial of service attack on the exposed SSH interface.

Vulnerable Configurations

Part	Description	Count
OS	Schneider-Electric Schneider Electric Evlink Home Firmware 2.0.3.8.2_128 Schneider Electric Evlink Home Firmware 2.0.4.1.2_131	2
Hardware	Schneider-Electric Schneider Electric Evlink Home -	1

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-03.pdf