{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Modicon X80 BMXNOR0200H RTU versions ant\u00e9rieures \u00e0 SV1.70 IR22","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"module Definition de IGSS (Interactive Graphical SCADA System) versions ant\u00e9rieures \u00e0 15.0.0.21141","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"PowerLogic PM5560 et PM5563 versions ant\u00e9rieures \u00e0 V2.7.8","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"PowerLogic PM5561 et PM5562 versions ant\u00e9rieures \u00e0 V2.5.4","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"PowerLogic EGX100 et EGX300 (produits en fin de vie, aucun correctif n'est pr\u00e9vu)","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"PowerLogic PM8ECC toutes versions (produit en fin de vie, aucun correctif n'est pr\u00e9vu)","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Enerlin\u2019X Com\u2019X versions ant\u00e9rieures \u00e0 V6.8.4","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"les produits Schneider Electric utilisant RockWell ISaGRAF (se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 SEVD-2021-159-04 de l'\u00e9diteur, cf. section Documentation)","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-22753","url":"https://www.cve.org/CVERecord?id=CVE-2021-22753"},{"name":"CVE-2021-22750","url":"https://www.cve.org/CVERecord?id=CVE-2021-22750"},{"name":"CVE-2021-22763","url":"https://www.cve.org/CVERecord?id=CVE-2021-22763"},{"name":"CVE-2021-22767","url":"https://www.cve.org/CVERecord?id=CVE-2021-22767"},{"name":"CVE-2021-22754","url":"https://www.cve.org/CVERecord?id=CVE-2021-22754"},{"name":"CVE-2021-22756","url":"https://www.cve.org/CVERecord?id=CVE-2021-22756"},{"name":"CVE-2021-22765","url":"https://www.cve.org/CVERecord?id=CVE-2021-22765"},{"name":"CVE-2021-22755","url":"https://www.cve.org/CVERecord?id=CVE-2021-22755"},{"name":"CVE-2020-25176","url":"https://www.cve.org/CVERecord?id=CVE-2020-25176"},{"name":"CVE-2021-22764","url":"https://www.cve.org/CVERecord?id=CVE-2021-22764"},{"name":"CVE-2020-25178","url":"https://www.cve.org/CVERecord?id=CVE-2020-25178"},{"name":"CVE-2021-22768","url":"https://www.cve.org/CVERecord?id=CVE-2021-22768"},{"name":"CVE-2021-22749","url":"https://www.cve.org/CVERecord?id=CVE-2021-22749"},{"name":"CVE-2021-22752","url":"https://www.cve.org/CVERecord?id=CVE-2021-22752"},{"name":"CVE-2021-22760","url":"https://www.cve.org/CVERecord?id=CVE-2021-22760"},{"name":"CVE-2020-25180","url":"https://www.cve.org/CVERecord?id=CVE-2020-25180"},{"name":"CVE-2021-22766","url":"https://www.cve.org/CVERecord?id=CVE-2021-22766"},{"name":"CVE-2021-22761","url":"https://www.cve.org/CVERecord?id=CVE-2021-22761"},{"name":"CVE-2021-22758","url":"https://www.cve.org/CVERecord?id=CVE-2021-22758"},{"name":"CVE-2021-22769","url":"https://www.cve.org/CVERecord?id=CVE-2021-22769"},{"name":"CVE-2020-25184","url":"https://www.cve.org/CVERecord?id=CVE-2020-25184"},{"name":"CVE-2021-22759","url":"https://www.cve.org/CVERecord?id=CVE-2021-22759"},{"name":"CVE-2021-22751","url":"https://www.cve.org/CVERecord?id=CVE-2021-22751"},{"name":"CVE-2021-22757","url":"https://www.cve.org/CVERecord?id=CVE-2021-22757"},{"name":"CVE-2021-22762","url":"https://www.cve.org/CVERecord?id=CVE-2021-22762"},{"name":"CVE-2020-25182","url":"https://www.cve.org/CVERecord?id=CVE-2020-25182"}],"links":[],"reference":"CERTFR-2021-AVI-443","revisions":[{"description":"Version initiale","revision_date":"2021-06-09T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans\u00a0les produits\nSchneider Electric. Certaines d'entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-159-03 du 08 juin 2021","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-03"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-159-04 du 08 juin 2021","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-04"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-159-05 du 08 juin 2021","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-05"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-159-01 du 08 juin 2021","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-01"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-159-02 du 08 juin 2021","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-02"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-159-06 du 08 juin 2021","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-06"}]}