CVE-2022-22726 is a vulnerability in Schneider Electric Ecostruxure Power Monitoring Expert
Published on February 4, 2022

A CWE-20: Improper Input Validation vulnerability exists that could allow arbitrary files on the server to be read by authenticated users through a limited operating system service account. Affected Product: EcoStruxure Power Monitoring Expert (Versions 2020 and prior)

NVD

Weakness Type

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Products Associated with CVE-2022-22726

Want to know whenever a new CVE is published for Schneider Electric Ecostruxure Power Monitoring Expert? stack.watch will email you.

Schneider Electric Ecostruxure Power Monitoring Expert

Exploit Probability

EPSS

0.33%

Percentile

55.25%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-22726 is a vulnerability in Schneider Electric Ecostruxure Power Monitoring ExpertPublished on February 4, 2022

Weakness Type

Improper Input Validation

Products Associated with CVE-2022-22726

Exploit Probability

CVE-2022-22726 is a vulnerability in Schneider Electric Ecostruxure Power Monitoring Expert
Published on February 4, 2022