CVE-2024-8884

Summary

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause exposure of credentials when attacker has access to application on network over http

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricSystem Monitor application in Harmony Industrial PC HMIBMO/HMIBMI/HMIPSO/HMIBMP/HMIBMU/HMIPSP/HMIPEP seriesAll versionsaffected
Schneider ElectricSystem Monitor application in Pro-face Industrial PC PS5000 seriesAll versionsaffected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References