9.3

CVE-2013-2782

EPSS 0.25%
Published 28.08.2013 13:09:15
Last modified 11.04.2025 00:51:21
Source ics-cert@hq.dhs.gov
Teams watchlist Login
Open Login

Schneider Electric Trio J-Series License Free Ethernet Radio with firmware 3.6.0 through 3.6.3 uses the same AES encryption key across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Schneider-electric ≫ Tburjr900 Version00002dh0

Schneider-electric ≫ Tburjr900 Version00002eh0

Schneider-electric ≫ Tburjr900 Version01002dh0

Schneider-electric ≫ Tburjr900 Version01002eh0

Schneider-electric ≫ Tburjr900 Version05002dh0

Schneider-electric ≫ Tburjr900 Version05002eh0

Schneider-electric ≫ Tburjr900 Version06002dh0

Schneider-electric ≫ Tburjr900 Version06002eh0

Schneider-electric ≫ Tburjr900 Firmware Version3.6.0

Schneider-electric ≫ Tburjr900 Firmware Version3.6.1

Schneider-electric ≫ Tburjr900 Firmware Version3.6.2

Schneider-electric ≫ Tburjr900 Firmware Version3.6.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.25%	0.457

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://ics-cert.us-cert.gov/advisories/ICSA-13-234-01

US Government Resource

http://www.schneider-electric.com/download/ww/en/file/141141292-SEVD-2013-143-01.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2013-2782

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-2782

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-2782

EUVD