Vulnerability CVE-2023-25552


Published: 2023-04-18

Description:



A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized
content, changes or deleting of content, or performing unauthorized functions when tampering
the Device File Transfer settings on DCE endpoints.



Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Type:

CWE-862

(Missing Authorization)

 References:
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf

Copyright 2026, cxsecurity.com

 

Back to Top