{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T06:13:34.334","vulnerabilities":[{"cve":{"id":"CVE-2023-27975","sourceIdentifier":"cybersecurity@se.com","published":"2024-02-14T17:15:08.700","lastModified":"2024-12-11T19:33:27.327","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"\nCWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized\naccess to the project file in EcoStruxure Control Expert when a local user tampers with the\nmemory of the engineering workstation.\n\n"},{"lang":"es","value":"CWE-522: Existe una vulnerabilidad de credenciales insuficientemente protegidas que podría provocar un acceso no autorizado al archivo del proyecto en EcoStruxure Control Expert cuando un usuario local manipula la memoria de la estación de trabajo de ingeniería."}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@se.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0","matchCriteriaId":"1FF68269-FEB0-41F0-9127-965AA4ADCC91"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_process_expert:*:*:*:*:*:*:*:*","versionEndExcluding":"2023","matchCriteriaId":"D8022AED-42C4-42F5-A30A-45F157D71CA9"}]}]}],"references":[{"url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-01.pdf","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}