1. Home
  2. CVE Database
  3. CVE-2021-22713
HIGH · 7.5

CVE-2021-22713

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 (see security n...

Vulnerability Description

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 (see security notifcation for affected versions), which could cause the meter to reboot.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
Schneider-ElectricPowerlogic Ion8650 Firmware< 4.40.1
Schneider-ElectricPowerlogic Ion8650-
Schneider-ElectricPowerlogic Ion8800 Firmware< 372
Schneider-ElectricPowerlogic Ion8800-
Schneider-ElectricPowerlogic Ion7550 Firmware< 376
Schneider-ElectricPowerlogic Ion75504.0
Schneider-ElectricPowerlogic Ion7650 Firmware< 376
Schneider-ElectricPowerlogic Ion76504.0
Schneider-ElectricPowerlogic Ion7700 FirmwareAll versions
Schneider-ElectricPowerlogic Ion7700-
Schneider-ElectricPowerlogic Ion7300 FirmwareAll versions
Schneider-ElectricPowerlogic Ion7300-
Schneider-ElectricPowerlogic Ion8300 FirmwareAll versions
Schneider-ElectricPowerlogic Ion8300-
Schneider-ElectricPowerlogic Ion8400 FirmwareAll versions
Schneider-ElectricPowerlogic Ion8400-
Schneider-ElectricPowerlogic Ion8500 FirmwareAll versions
Schneider-ElectricPowerlogic Ion8500-
Schneider-ElectricPowerlogic Ion8600 FirmwareAll versions
Schneider-ElectricPowerlogic Ion8600-

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2021-22713?

CVE-2021-22713 is a vulnerability with a CVSS score of 7.5 (HIGH). A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 (see security n...

How severe is CVE-2021-22713?

CVE-2021-22713 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-22713?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Powerlogic Ion8650 Firmware, Schneider-Electric Powerlogic Ion8650, Schneider-Electric Powerlogic Ion8800 Firmware, Schneider-Electric Powerlogic Ion8800, Schneider-Electric Powerlogic Ion7550 Firmware.