Description
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test credentials in the firmware binary
Scores
CVSS v3
8.5
EPSS
0.0004
EPSS Percentile
11.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-312
Status
published
Products (2)
Schneider Electric/EVlink Home Smart
All versions prior to 2.0.6.0.0
Schneider Electric/Schneider Charge
All versions prior to 1.13.4
Published
Oct 13, 2024
Tracked Since
Feb 18, 2026