CVE-2020-7508

CRITICAL

Easergy T300 Firmware <= 1.5.2 - Unauthenticated Brute Force Attack

Title source: llm

Description

A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.se.com/ww/en/download/document/SEVD-2020-161-04

Scores

CVSS v3 9.8

EPSS 0.0026

EPSS Percentile 49.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-307

Status published

Products (1)

schneider-electric/easergy_t300_firmware < 1.5.2

Published Jun 16, 2020

Tracked Since Feb 18, 2026