Medium severity5.3NVD Advisory· Published Jun 11, 2021· Updated May 29, 2026

CVE-2021-22764

Description

A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could cause loss of connectivity to the device via Modbus TCP protocol when an attacker sends a specially crafted HTTP request.

Affected products

Schneider Electric/PowerLogic PM55xxllm-fuzzy
Schneider Electric/PowerLogic EGX100llm-fuzzy
Schneider Electric/PowerLogic EGX300llm-fuzzy
Schneider Electric/Powerlogic Pm8ecc Firmwarellm-fuzzy

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

download.schneider-electric.com/filesnvd
download.schneider-electric.com/filesnvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000