{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"APC Easy UPS Online Monitoring Software Windows 10, 11, Windows Server 2016, 2019 et 2022 versions ant\u00e9rieures \u00e0 2.6-GA-01-23116","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Schneider Electric Easy UPS Online Monitoring Software Windows 10, 11, Windows Server 2016, 2019 et 2022 versions ant\u00e9rieures \u00e0 2.6-GA-01-23116","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Foxboro SCADA toutes versions","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Foxboro DCS Control Core Services toutes versions sans le correctif HF9857795","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"IGSS Dashboard versions ant\u00e9rieures \u00e0 16.0.0.23131","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Operation Terminal Expert versions ant\u00e9rieures \u00e0 3.4","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Pro-face BLUE versions ant\u00e9rieures \u00e0 3.4","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-29413","url":"https://www.cve.org/CVERecord?id=CVE-2023-29413"},{"name":"CVE-2023-1049","url":"https://www.cve.org/CVERecord?id=CVE-2023-1049"},{"name":"CVE-2023-29412","url":"https://www.cve.org/CVERecord?id=CVE-2023-29412"},{"name":"CVE-2023-3001","url":"https://www.cve.org/CVERecord?id=CVE-2023-3001"},{"name":"CVE-2023-29411","url":"https://www.cve.org/CVERecord?id=CVE-2023-29411"},{"name":"CVE-2023-2569","url":"https://www.cve.org/CVERecord?id=CVE-2023-2569"},{"name":"CVE-2023-2570","url":"https://www.cve.org/CVERecord?id=CVE-2023-2570"}],"links":[],"reference":"CERTFR-2023-AVI-0452","revisions":[{"description":"Version initiale","revision_date":"2023-06-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d'entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2023-164-02 du 13 juin 2023","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-02.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2023-101-04 du 11 avril 2023","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-04.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2023-164-01 du 13 juin 2023","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-01.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2023-164-04 du 13 juin 2023","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2023-164-03 du 13 juin 2023","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-03.pdf"}]}