What is the vulnerability ID of this vulnerability?

The vulnerability ID is CVE-2022-43378.

What is the CWE ID of this vulnerability?

The CWE ID of this vulnerability is CWE-1021.

What is the severity of CVE-2022-43378?

The severity of CVE-2022-43378 is medium.

Which products are affected by CVE-2022-43378?

The affected products are NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior).

How can I fix CVE-2022-43378?

To fix CVE-2022-43378, update to a version of NetBotz 4 firmware that is higher than 4.7.0.

Vulnerability/
CVE-2022-43378

medium

6.5

CWE

1021

18/4/2023

5/2/2025

CVE-2022-43378

First published: Tue Apr 18 2023(Updated: )

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)

Credit: cybersecurity@se.com

Affected Software	Affected Version	How to fix
Schneider Electric NetBotz 355 Firmware	>=4.0.0<=4.7.0
Schneider Electric NetBotz 355
Schneider Electric NetBotz 450 Firmware	>=4.0.0<=4.7.0
Schneider-electric Netbotz 450 Firmware
Schneider Electric NetBotz 455 Firmware	>=4.0.0<=4.7.0
Schneider-electric Netbotz 455 Firmware
Schneider-electric Netbotz 550 Firmware	>=4.0.0<=4.7.0
Schneider-electric Netbotz 550 Firmware
NetBotz 570	>=4.0.0<=4.7.0
Schneider Electric NetBotz 570

Remedy

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-312-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-312-01-NetBotz_4_Security_Notification.pdf

Never miss a vulnerability like this again

Reference Links

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-312-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-312-01-NetBotz_4_Security_Notification.pdf

Frequently Asked Questions

What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2022-43378.
What is the CWE ID of this vulnerability?
The CWE ID of this vulnerability is CWE-1021.
What is the severity of CVE-2022-43378?
The severity of CVE-2022-43378 is medium.
Which products are affected by CVE-2022-43378?
The affected products are NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior).
How can I fix CVE-2022-43378?
To fix CVE-2022-43378, update to a version of NetBotz 4 firmware that is higher than 4.7.0.

agent/type
agent/severity
agent/author
agent/references
agent/weakness
agent/remedy
agent/event
agent/first-publish-date
agent/description
agent/source
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/schneider-electric
canonical/schneider electric netbotz 355 firmware
version/schneider electric netbotz 355 firmware/4.0.0
version/schneider electric netbotz 355 firmware/4.7.0
canonical/schneider electric netbotz 355
canonical/schneider electric netbotz 450 firmware
version/schneider electric netbotz 450 firmware/4.0.0
version/schneider electric netbotz 450 firmware/4.7.0
canonical/schneider-electric netbotz 450 firmware
canonical/schneider electric netbotz 455 firmware
version/schneider electric netbotz 455 firmware/4.0.0
version/schneider electric netbotz 455 firmware/4.7.0
canonical/schneider-electric netbotz 455 firmware
canonical/schneider-electric netbotz 550 firmware
version/schneider-electric netbotz 550 firmware/4.0.0
version/schneider-electric netbotz 550 firmware/4.7.0
canonical/netbotz 570
version/netbotz 570/4.0.0
version/netbotz 570/4.7.0
canonical/schneider electric netbotz 570