CVE-2024-5559 MEDIUM

CVE-2024-5559

Vendor Schneider Electric
Product PowerLogic P5
Weakness CWE-327 · Broken crypto
Published June 12, 2024
Last update August 1, 2024

CVSS base score

6.1/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device.

Key dates

02Disclosure timeline

June 12, 2024 CVE published
August 1, 2024 Record updated