Vulnerability Description
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could allow an authenticated attacker to access the device via FTP protocol.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Accusine Pcsp Pfvp Firmware | < 001.006.007 |
| Schneider-Electric | Accusine Pcs\+ | - |
| Schneider-Electric | Accusine Pfv\+ | - |
| Schneider-Electric | Accusine Pcsn Active Harmonic Filter Firmware | < 002.002.004 |
| Schneider-Electric | Accusine Pcsn | - |
Related Weaknesses (CWE)
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-01Not Applicable
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05PatchVendor Advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-01Not Applicable
FAQ
What is CVE-2021-22793?
CVE-2021-22793 is a vulnerability with a CVSS score of 7.2 (HIGH). A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could all...
How severe is CVE-2021-22793?
CVE-2021-22793 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-22793?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Accusine Pcsp Pfvp Firmware, Schneider-Electric Accusine Pcs\+, Schneider-Electric Accusine Pfv\+, Schneider-Electric Accusine Pcsn Active Harmonic Filter Firmware, Schneider-Electric Accusine Pcsn.