1. Home
  2. CVE Database
  3. CVE-2021-22714
CRITICAL · 9.8

CVE-2021-22714

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All versions prior to V3.0.0), which could cause the m...

Vulnerability Description

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All versions prior to V3.0.0), which could cause the meter to reboot or allow for remote code execution.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
Schneider-ElectricPowerlogic Ion7400 Firmware< 3.0.0
Schneider-ElectricPowerlogic Ion7400-
Schneider-ElectricPowerlogic Pm8000 Firmware< 3.0.0
Schneider-ElectricPowerlogic Pm8000-
Schneider-ElectricPowerlogic Ion9000 Firmware< 3.0.0
Schneider-ElectricPowerlogic Ion9000-

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2021-22714?

CVE-2021-22714 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All versions prior to V3.0.0), which could cause the m...

How severe is CVE-2021-22714?

CVE-2021-22714 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2021-22714?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Powerlogic Ion7400 Firmware, Schneider-Electric Powerlogic Ion7400, Schneider-Electric Powerlogic Pm8000 Firmware, Schneider-Electric Powerlogic Pm8000, Schneider-Electric Powerlogic Ion9000 Firmware.