CVE-2024-2051

Summary

CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover and unauthorized access to the system when an attacker conducts brute-force attacks against the login form.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricEasergy T200 (Modbus) Models: T200I, T200E, T200P, T200S, T200HSC2-04MOD-07000104 <= prioraffected
Schneider ElectricEasergy T200 (IEC104) Models: T200I, T200E, T200P, T200S, T200HSC2-04IEC-07000104 <= prioraffected
Schneider ElectricEasergy T200 (DNP3) Models: T200I, T200E, T200P, T200S, T200HSC2-04DNP-07000104 <= prioraffected

Weaknesses

  • CWE-307: CWE-307 Improper Restriction of Excessive Authentication Attempts

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References