CVE-2024-2051

EUVD-2024-27016
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that
could cause account takeover and unauthorized access to the system when an attacker
conducts brute-force attacks against the login form.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
schneider_electriceasergy_t200i_firmware
𝑥
< sc2-04mod-07000104
ADP
schneider_electriceasergy_t200e_firmware
𝑥
< sc2-04mod-07000104
ADP
schneider_electriceasergy_t200p_firmware
𝑥
< sc2-04mod-07000104
ADP
schneider_electriceasergy_t200s_firmware
𝑥
< sc2-04mod-07000104
ADP
schneider_electriceasergy_t200h_firmware
𝑥
< sc2-04mod-07000104
ADP
Common Weakness Enumeration
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-072-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-072-01.pdf
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-072-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-072-01.pdf