Severity
High
Analysis Summary
CVE-2022-45788
Schneider Electric products could allow a remote attacker to execute arbitrary code on the system, caused by an improper check for unusual or exceptional conditions. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-45788
Affected Vendors
Schneider Electric
Affected Products
- Schneider Electric EcoStruxure Control Expert
- Schneider Electric EcoStruxure Process Expert
- Schneider Electric Legacy Modicon Quantum
- Schneider Electric Modicon M340 CPU
- Schneider Electric Modicon M580 CPU
- Schneider Electric Modicon M580 CPU Safety
- Schneider Electric Modicon MC80
- Schneider Electric Modicon Momentum Unity M1E Processor
Remediation
Refer to Schneider Electric Security Advisory for patch, upgrade or suggested workaround information.