← Back

CVE-2023-5630

nvd nist
Published: Dec 14, 2023Modified: Nov 21, 2024

JSON object

Loading...
4.9
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Exploitability: 1.2 / Impact: 3.6
Source: NVD

Description

A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a privileged user to install an untrusted firmware.

Affected (16)

Schneider Electric
16 products
Eb450 Firmware
Eb45e Firmware
Eh450 Firmware
Eh45e Firmware
Er450 Firmware
Er45e Firmware
Jr240 Firmware
Jr900 Firmware
Qr450 Firmware
Qr150 Firmware
Qb450 Firmware
Qb150 Firmware
Qp450 Firmware
Qp150 Firmware
Qh450 Firmware
Qh150 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Eb450 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Eb450
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Eb45e Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Eb45e
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Eh450 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Eh450
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Eh45e Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Eh45e
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Er450 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Er450
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Er45e Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Er45e
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jr240 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Jr240
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jr900 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Jr900
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qr450 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qr450
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qr150 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qr150
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qb450 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qb450
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qb150 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qb150
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qp450 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qp450
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qp150 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qp150
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qh450 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qh450
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qh150 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qh150
All versions

Related CWEs

CWE-494
Download of Code Without Integrity Check
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

References (2)

Source: cybersecurity@se.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.