Filtered by vendor Schneider-electric Subscriptions
Filtered by product Powerlogic Pm5560 Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-22764 1 Schneider-electric 8 Powerlogic Pm5560, Powerlogic Pm5560 Firmware, Powerlogic Pm5561 and 5 more 2024-11-21 5.3 Medium
A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could cause loss of connectivity to the device via Modbus TCP protocol when an attacker sends a specially crafted HTTP request.
CVE-2021-22763 1 Schneider-electric 10 Powerlogic Pm5560, Powerlogic Pm5560 Firmware, Powerlogic Pm5561 and 7 more 2024-11-21 9.8 Critical
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to a device.
CVE-2018-7795 1 Schneider-electric 2 Powerlogic Pm5560, Powerlogic Pm5560 Firmware 2024-11-21 N/A
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code.