Easergy Micom P643
Monthly
Schneider Electric Easergy MiCOM protective relays contain hard-coded SNMP credentials that allow unauthenticated remote attackers to access sensitive device information and system configurations. An attacker can directly query the SNMP port (UDP 161) without authentication to retrieve operational data, relay status, and device parameters. This vulnerability affects 12 product lines across multiple versions and is classified as an authentication bypass with a CVSS 6.9 (medium-to-high confidentiality impact).
Schneider Electric Easergy MiCOM protective relays contain hard-coded SNMP credentials that allow unauthenticated remote attackers to access sensitive device information and system configurations. An attacker can directly query the SNMP port (UDP 161) without authentication to retrieve operational data, relay status, and device parameters. This vulnerability affects 12 product lines across multiple versions and is classified as an authentication bypass with a CVSS 6.9 (medium-to-high confidentiality impact).