CVE-2022-34756

HIGH

Easergy P5 Firmware < 01.401.102 - Remote Code Execution or Denial of Service via HTTPS Stack Buffer Overflow

Title source: llm
STIX 2.1

Description

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI. Affected Products: Easergy P5 (V01.401.102 and prior)

Scores

CVSS v3 8.8
EPSS 0.0150
EPSS Percentile 71.2%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (1)
schneider-electric/easergy_p5_firmware < 01.401.102
Published Jul 13, 2022
Tracked Since Feb 18, 2026