Vulnerabilities > Schneider Electric > X80 Advanced RTU Module Firmware > 2.01

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-13	CVE-2022-34761	Unspecified vulnerability in Schneider-Electric products A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. network low complexity schneider-electric	7.5
2022-07-13	CVE-2022-34762	Unspecified vulnerability in Schneider-Electric products A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. network low complexity schneider-electric	7.5
2022-07-13	CVE-2022-34763	Unspecified vulnerability in Schneider-Electric products A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. network low complexity schneider-electric	7.5
2022-07-13	CVE-2022-34765	Exposure of Resource to Wrong Sphere vulnerability in Schneider-Electric products A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. network low complexity schneider-electric CWE-668	5.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.