CVE-2024-10575

Summary

CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricEcoStruxure IT GatewayVersion 1.21.0.6affected
Schneider ElectricEcoStruxure IT GatewayVersion 1.22.0.3affected
Schneider ElectricEcoStruxure IT GatewayVersion 1.22.1.5affected
Schneider ElectricEcoStruxure IT GatewayVersion 1.23.0.4affected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References