Vulnerability Description
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Netbotz 355 Firmware | >= 4.0.0, <= 4.7.0 |
| Schneider-Electric | Netbotz 355 | - |
| Schneider-Electric | Netbotz 450 Firmware | >= 4.0.0, <= 4.7.0 |
| Schneider-Electric | Netbotz 450 | - |
| Schneider-Electric | Netbotz 455 Firmware | >= 4.0.0, <= 4.7.0 |
| Schneider-Electric | Netbotz 455 | - |
| Schneider-Electric | Netbotz 550 Firmware | >= 4.0.0, <= 4.7.0 |
| Schneider-Electric | Netbotz 550 | - |
| Schneider-Electric | Netbotz 570 Firmware | >= 4.0.0, <= 4.7.0 |
| Schneider-Electric | Netbotz 570 | - |
Related Weaknesses (CWE)
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-312-01&p_enDocPatchVendor Advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-312-01&p_enDocPatchVendor Advisory
FAQ
What is CVE-2022-43378?
CVE-2022-43378 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are...
How severe is CVE-2022-43378?
CVE-2022-43378 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-43378?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Netbotz 355 Firmware, Schneider-Electric Netbotz 355, Schneider-Electric Netbotz 450 Firmware, Schneider-Electric Netbotz 450, Schneider-Electric Netbotz 455 Firmware.