CVE-2023-22610

CVSS 9.1 · Critical EPSS 0.49% · P66 Updated Feb 06, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-22610

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制不正确

Source: NVD (National Vulnerability Database)

Vulnerability Title

EcoStruxure Geo SCADA Expert 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

EcoStruxure Geo SCADA Expert是一款集成的、可扩展的、可靠的监控和数据采集(SCADA)软件。 EcoStruxure Geo SCADA Expert 2019版本、2020版本、2021年至2022年10月、ClearSCADA存在安全漏洞，该漏洞源于授权处理不正确。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Schneider Electric	EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA)	All ~ October 2022	-

II. Public POCs for CVE-2023-22610

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-22610

请登录查看更多情报信息。

Same Patch Batch · Schneider Electric · 2023-01-31 · 3 CVEs total

CVE-2022-45789	8.1 HIGH	Schneider Electric EcoStruxure Control Expert 安全漏洞
CVE-2023-22611	7.5 HIGH	EcoStruxure Geo SCADA Expert 信息泄露漏洞

IV. Related Vulnerabilities

Same product: EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA)

CVE-2023-22611
EcoStruxure Geo SCADA Expert 信息泄露漏洞

Same vendor: Schneider Electric

Same weakness: CWE-863

V. Comments for CVE-2023-22610

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-22610

I. Basic Information for CVE-2023-22610

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-22610

III. Intelligence Information for CVE-2023-22610

Same Patch Batch · Schneider Electric · 2023-01-31 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-22610

Leave a comment