CyberSec.Space Logo
Back to CVE Browser

CVE-2021-22705

HIGH
7.8
CVSS Severity Score
EPSS Score0.1300%
EPSS Percentile34.10th
PublishedMay 26, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly with a driver installed by Vijeo Designer or EcoStruxure Machine Expert

Affected Platforms (CPE)

📦
Schneider Electric

Vijeo Designer

< 6.2.11
📦
Schneider Electric

Ecostruxure Machine Expert

< 2.0

References & Advisories

🔗 https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-02
🔗 https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-02

Related Vulnerabilities

CVE-2021-227049.1

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by V...

CVE-2020-75018.8

A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designe...

CVE-2020-74907.8

A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 ...

CVE-2021-228177.8

A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation direct...