CVE-2022-22722

CVE-2022-22722

Vendor Schneider Electric
Product Easergy P5
Weakness CWE-798 · Hardcoded credentials
Published February 4, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to the product they could potentially observe and manipulate traffic associated with product configuration. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)

Key dates

02Disclosure timeline

February 4, 2022 CVE published
August 3, 2024 Record updated