VYPR
Unrated severity · NVD Advisory · Published Dec 11, 2020 · Updated Aug 4, 2024

CVE-2020-28215

Description

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Easergy T300 firmware 2.7 and older has missing authorization (CWE-862) that can lead to info disclosure, denial of service, and arbitrary code execution.

Vulnerability

A missing authorization vulnerability (CWE-862) exists in Schneider Electric's Easergy T300 products running firmware versions 2.7 and prior [1]. Access control checks are not consistently applied, allowing an attacker to exploit the missing authorization to reach critical functions. This issue is distinct from the related missing authentication vulnerability (CVE-2020-7561) but shares the same affected product range [1].

Exploitation

An attacker can exploit this vulnerability remotely over the network without requiring authentication [1]. The CVSS vector indicates high attack complexity (AC:H), meaning the attacker may need to overcome some environmental or timing factors, but no privileges or user interaction are needed [1]. The specific steps to trigger the missing authorization condition are not publicly detailed in the available references.

Impact

Successful exploitation allows an attacker to gain unauthorized access to the internal product LAN [1]. This can result in exposure of sensitive information, denial of service, and remote code execution, as the attacker can access resources without proper restriction [1]. The CVSS v3 base score is 7.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H), indicating a high impact on integrity and availability [1].

Mitigation

Schneider Electric has released firmware updates to address this vulnerability. Users should upgrade Easergy T300 to firmware version 2.8 or later [1]. If upgrading is not immediately possible, users should restrict network access to the affected devices as a workaround [1]. This vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

References

2