cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-32747,https://securityvulnerability.io/vulnerability/CVE-2022-32747,Authentication Bypass Vulnerability in EcoStruxure™ Cybersecurity Admin Expert by Schneider Electric,"A vulnerability exists in EcoStruxure™ Cybersecurity Admin Expert that allows an attacker to bypass authentication mechanisms. This could result in unauthorized access, leading to the risk of legitimate users being locked out of their devices. Additionally, it may enable the creation of backdoor accounts by spoofing a device connected to the local network, compromising the security of the overall system.",Schneider Electric,Ecostruxure™ Cybersecurity Admin Expert (cae),8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0
CVE-2022-32748,https://securityvulnerability.io/vulnerability/CVE-2022-32748,Improper Certificate Validation in EcoStruxure Cybersecurity Admin Expert by Schneider Electric,"An improper certificate validation vulnerability exists in Schneider Electric's EcoStruxure Cybersecurity Admin Expert (CAE), which can lead to incorrect data being presented to users during device configuration. Additionally, this flaw may cause sensitive credentials to leak, potentially allowing attackers to access the configuration tool and compromise additional devices within the network. This vulnerability highlights the necessity for reliable certificate verification processes to safeguard both user data and device integrity.",Schneider Electric,Ecostruxure™ Cybersecurity Admin Expert (cae),7.9,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0