Unrated severityNVD Advisory· Published Jan 28, 2022· Updated Sep 8, 2025
CVE-2021-22825
CVE-2021-22825
Description
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could allow an attacker to access the system with elevated privileges when a privileged account clicks on a malicious URL that compromises the security token. Affected Products: AP7xxxx and AP8xxx with NMC2 (V6.9.6 or earlier), AP7xxx and AP8xxx with NMC3 (V1.1.0.3 or earlier), and APDU9xxx with NMC3 (V1.0.0.28 or earlier)
Affected products
4- NMC/AP7xxxx and AP8xxx NMC2/NMC3, APDU9xxx NMC3description
- Range: V6.9.6 or earlier
- Range: V6.9.6 or earlier
- Range: V1.0.0.28 or earlier
Patches
Vulnerability mechanics
References
1- download.schneider-electric.com/filesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.