CVE-2020-7548

CRITICAL

Smartlink PowerTag Wiser Series Gateways - Info Disclosure

Title source: llm

Description

A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login.

References (1)

[Patch, Vendor Advisory] https://www.se.com/ww/en/download/document/SEVD-2020-287-03/

Scores

CVSS v3 9.8

EPSS 0.0059

EPSS Percentile 69.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-330

Status published

Products (7)

schneider-electric/acti9_powertag_link_firmware < 001.008.007

schneider-electric/acti9_powertag_link_hd_firmware < 001.008.007

schneider-electric/acti9_smartlink_el_b_firmware < 1.2.1

schneider-electric/acti9_smartlink_si_b_firmware < 002.004.002

schneider-electric/acti9_smartlink_si_d_firmware < 002.004.002

schneider-electric/wiser_energy_firmware < 1.5.0

schneider-electric/wiser_link_firmware < 1.5.0

Published Dec 01, 2020

Tracked Since Feb 18, 2026