Skip to main content

Ecostruxure Geo Scada Expert 2021

3 CVEs product

Monthly

CVE-2023-0595 MEDIUM This Month

A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Clearscada Ecostruxure Geo Scada Expert 2019 Ecostruxure Geo Scada Expert 2020 Ecostruxure Geo Scada Expert 2021
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-22611 HIGH PATCH This Week

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specific messages are sent to the server over the database. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ecostruxure Geo Scada Expert 2019 Ecostruxure Geo Scada Expert 2020 Ecostruxure Geo Scada Expert 2021
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-22610 HIGH PATCH This Week

A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Ecostruxure Geo Scada Expert 2019 Ecostruxure Geo Scada Expert 2020 Ecostruxure Geo Scada Expert 2021
NVD
CVSS 3.1
7.5
EPSS
0.6%
EPSS 0% CVSS 5.3
MEDIUM This Month

A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Clearscada Ecostruxure Geo Scada Expert 2019 +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specific messages are sent to the server over the database. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ecostruxure Geo Scada Expert 2019 Ecostruxure Geo Scada Expert 2020 +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Ecostruxure Geo Scada Expert 2019 Ecostruxure Geo Scada Expert 2020 +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy