CVE-2014-2380

CVE-2014-2380: Schneider Electric Wonderware Inadequate Encryption Strength

Vendor Schneider Electric
Product Wonderware Information Server Portal
Weakness CWE-326 · Weak encryption
Published August 28, 2014
Last update October 31, 2025

CVSS base score

What the vulnerability does

01Description

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.

Key dates

02Disclosure timeline

August 28, 2014 CVE published
October 31, 2025 Record updated