Vulnerabilities > Schneider Electric > Ecostruxure Cybersecurity Admin Expert
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-30 | CVE-2022-32747 | Authentication Bypass by Spoofing vulnerability in Schneider-Electric Ecostruxure Cybersecurity Admin Expert A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. | 7.1 |
2023-01-30 | CVE-2022-32748 | Improper Certificate Validation vulnerability in Schneider-Electric Ecostruxure Cybersecurity Admin Expert A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when using CAE to configure devices. | 8.1 |