All CISA Advisories, EN

Schneider Electric Altivar Products, ATVdPAC Module, ILC992 InterLink Converter

View CSAF

1. EXECUTIVE SUMMARY

  • CVSS v4 5.3
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Schneider Electric
  • Equipment: Altivar products, ATVdPAC module, ILC992 InterLink Converter
  • Vulnerability: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to read or modify data.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Schneider Electric reports that the following products are affected:

  • Schneider Electric ATVdPAC module: Versions prior to 25.0
  • Schneider Electric Altivar Process Drives ATV930: All versions
  • Schneider Electric Altivar Process Drives ATV950: All versions
  • Schneider Electric Altivar Process Drives ATV955: All versions
  • Schneider Electric Altivar Process Drives ATV960: All versions
  • Schneider Electric Altivar Process Drives ATV980: All versions
  • Schneider Electric Altivar Process Drives ATV9A0: All versions
  • Schneider Electric Altivar Process Drives ATV9B0: All versions
  • Schneider Electric Altivar Process Drives ATV9L0: All versions
  • Schneider Electric Altivar Process Drives ATV991: All versions
  • Schneider Electric Altivar Process Drives ATV992: All versions
  • Schneider Electric Altivar Process Drives ATV993: All versions
  • Schneider Electric ILC992 InterLink Converter: All versions
  • Schneider Electric Altivar Machine Drives ATV340E: All versions
  • Schneider Electric Altivar Process Drives ATV6000 Medium Voltage: All versions
  • Schneider Electric Altivar Soft Starter ATS490: All versions
  • Schneider Electric Altivar Process Communication Modules VW3A3720: All versions
  • Schneider Electric Altivar Process Communication Modules VW3A3721: All versions
  • Schneider Electric Altivar Process Drives ATV630: All versions
  • Schneider Electric Altivar Process Drives ATV650: All versions
  • Schneider Electric Altivar Process Drives ATV660: All versions
  • Schneider Electric Altivar Process Dri

    […]
    Content was cut in order to protect the source.Please visit the source for the rest of the article.

    This article has been indexed from All CISA Advisories

    Read the original article: