schneider-electric ecostruxure-power-monitoring-expert CVE-2022-22727 is a vulnerability in Schneider Electric Ecostruxure Power Monitoring Expert
Published on February 4, 2022

A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user?s local machine when the user clicks a specially crafted link. Affected Product: EcoStruxure Power Monitoring Expert (Versions 2020 and prior)

NVD

Weakness Type

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.


Products Associated with CVE-2022-22727

Want to know whenever a new CVE is published for Schneider Electric Ecostruxure Power Monitoring Expert? stack.watch will email you.

Schneider Electric Ecostruxure Power Monitoring Expert
 

Exploit Probability

EPSS
0.93%
Percentile
75.81%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.