VYPR

Powerlogic Pm5560 Firmware

by Schneider Electric

CVEs (3)

  • CVE-2021-22763CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.02

    A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to…

  • CVE-2018-7795MedAug 29, 2018
    risk 0.35cvss 5.4epss 0.02

    A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of…

  • CVE-2021-22764MedJun 11, 2021
    risk 0.34cvss 5.3epss 0.02

    A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could cause loss of connectivity to the device via Modbus TCP protocol when an…