cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-22806,https://securityvulnerability.io/vulnerability/CVE-2022-22806,Authentication Bypass in SmartConnect Family UPS by Schneider Electric,"A vulnerability exists in Schneider Electric's SmartConnect Family UPS systems, characterized as an authentication bypass due to capture-replay methods. This vulnerability permits unauthorized users to establish connections by exploiting malformed requests, compromising the integrity and security of the UPS systems. Several UPS models across different series, including SMT, SMC, SMTL, SCL, and SMX, are affected, with specific version details highlighting those that may be susceptible to this exploit. Immediate remediation steps should be taken to prevent potential unauthorized access.",Schneider Electric,Smartconnect,9.8,CRITICAL,0.0030799999367445707,false,,false,false,false,,,false,false,,2022-03-09T19:30:17.000Z,0
CVE-2022-22805,https://securityvulnerability.io/vulnerability/CVE-2022-22805,Buffer Overflow Vulnerability in SmartConnect UPS Products by Schneider Electric,"A vulnerability exists in Schneider Electric's SmartConnect Family of UPS products that allows for a buffer overflow due to inappropriate handling of TLS packet reassembly. If exploited, this could enable remote code execution, putting systems and data at risk. The affected products include various models in the SMT, SMC, SMTL, SCL, and SMX series, particularly those running outdated firmware versions. Ensuring timely updates and patches is critical to mitigate such vulnerabilities. For more details, refer to Schneider Electric's advisory.",Schneider Electric,Smartconnect,9.8,CRITICAL,0.007550000213086605,false,,false,false,false,,,false,false,,2022-03-09T19:30:16.000Z,0
CVE-2022-0715,https://securityvulnerability.io/vulnerability/CVE-2022-0715,Improper Authentication Vulnerability in APC Smart-UPS and SmartConnect Products,"An improper authentication vulnerability exists within specific APC Smart-UPS and SmartConnect models, allowing unauthorized access that may enable attackers to upload malicious firmware. This occurs if sensitive keys are compromised, leading to potentially undesired changes in UPS behavior. Ensuring proper authentication mechanisms are in place is critical, especially for devices managing power supply.",Schneider Electric,"Apc Smart-ups,Smartconnect ",9.1,CRITICAL,0.0010499999625608325,false,,false,false,false,,,false,false,,2022-03-09T19:30:14.000Z,0