Schneider.Electric.net55xx.Encoder.Privilege.Escalation

description-logoDescription

This indicates an attack attempt to exploit an Elevation of Privilege vulnerability in Schneider Electric NET55XX Encoder.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted HTTP requst. A remote attacker may be able to exploit this to escalate their privileges on vulnerable systems.

affected-products-logoAffected Products

Schneider Electric series NET55XX Encoder with firmware pior to version 2.1.9.7

Impact logoImpact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.
System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.schneider-electric.com/en/download/document/SEVD-2019-134-01/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-10-24 14.710 Default_action:pass:drop
2019-08-02 14.664