First published: Wed Nov 15 2023(Updated: )
A CWE-79 Improper Neutralization of Input During Web Page Generation vulnerability exists that could cause compromise of a user’s browser when an attacker with admin privileges has modified system values.
|Affected Software||Affected Version||How to fix|
|Schneider-electric Ion8650 Firmware|
|Schneider-electric Ion8800 Firmware|
Vulnerability CVE-2023-5985 is a CWE-79 Improper Neutralization of Input During Web Page Generation vulnerability.
The severity of CVE-2023-5985 is medium with a severity score of 4.8.
CVE-2023-5985 can be exploited by an attacker with admin privileges who has modified system values.
No, Schneider-electric Ion8650 is not vulnerable to CVE-2023-5985.
No, Schneider-electric Ion8800 is not vulnerable to CVE-2023-5985.
To fix CVE-2023-5985, apply the necessary security patches provided by Schneider-electric.
More information about CVE-2023-5985 can be found at the following reference: [link](https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-318-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-318-01.pdf)