First published: Tue Apr 18 2023(Updated: )
A CWE-129: Improper validation of an array index vulnerability exists where a specially crafted Ethernet request could result in denial of service or remote code execution.
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Powerlogic Hdpm6000 Firmware | <=0.58.6 | |
Schneider-electric Powerlogic Hdpm6000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-28004.
The severity of CVE-2023-28004 is critical (9.8).
The CWE ID for this vulnerability is CWE-129.
The affected software for CVE-2023-28004 is Schneider-electric Powerlogic Hdpm6000 Firmware version up to 0.58.6.
This vulnerability can be exploited by sending a specially crafted Ethernet request, which could result in denial of service or remote code execution.