Vulnerabilities > Schneider Electric > Ion8800 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-15 | CVE-2023-5984 | Download of Code Without Integrity Check vulnerability in Schneider-Electric Ion8650 Firmware and Ion8800 Firmware A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified firmware to be uploaded when an authorized admin user begins a firmware update procedure which could result in full control over the device. | 4.9 |
| 2023-11-15 | CVE-2023-5985 | Cross-site Scripting vulnerability in Schneider-Electric Ion8650 Firmware and Ion8800 Firmware A CWE-79 Improper Neutralization of Input During Web Page Generation vulnerability exists that could cause compromise of a user’s browser when an attacker with admin privileges has modified system values. | 4.8 |