Vulnerabilities > Schneider Electric > Ecostruxure Cybersecurity Admin Expert > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-30	CVE-2022-32747	Unspecified vulnerability in Schneider-Electric Ecostruxure Cybersecurity Admin Expert 2.2 A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. low complexity schneider-electric	8.1
2023-01-30	CVE-2022-32748	Unspecified vulnerability in Schneider-Electric Ecostruxure Cybersecurity Admin Expert 2.2 A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when using CAE to configure devices. high complexity schneider-electric	8.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.