CVE-2022-24323

Summary

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior)

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricEcoStruxure Process ExpertV2021 and prioraffected
Schneider ElectricEcoStruxure Control ExpertV15.0 SP1 and prioraffected

Weaknesses

  • CWE-754: CWE-754 Improper Check for Unusual or Exceptional Conditions

ADP Enrichment

CVE Program Container

Additional References

References