Description
An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. No authentication is configured by default. An unauthorized user can access the device management portal and make configuration changes.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94091
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-308-03
Scores
CVSS v3
9.8
EPSS
0.0088
EPSS Percentile
75.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
Status
published
Products (7)
n/a/Schneider Electric IONXXXX Series Power Meter Vulnerabilities
Schneider Electric IONXXXX Series Power Meter Vulnerabilities
schneider-electric/ion5000
schneider-electric/ion7300
schneider-electric/ion7500
schneider-electric/ion7600
schneider-electric/ion8650
schneider-electric/ion8800
Published
Feb 13, 2017
Tracked Since
Feb 18, 2026