A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain control of the device when the attacker brute forces the password. Affected Products: C-Bus Network Automation Controller - LSS5500NAC (Versions prior to V1.10.0), Wiser for C-Bus Automation Controller - LSS5500SHAC (Versions prior to V1.10.0), Clipsal C-Bus Network Automation Controller - 5500NAC (Versions prior to V1.10.0), Clipsal Wiser for C-Bus Automation Controller - 5500SHAC (Versions prior to V1.10.0), SpaceLogic C-Bus Network Automation Controller - 5500NAC2 (Versions prior to V1.10.0), SpaceLogic C-Bus Application Controller - 5500AC2 (Versions prior to V1.10.0)
2023-01-30T23:15:09.927
2024-11-21T07:06:31.907
Modified
CVSSv3.1: 9.8 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | schneider-electric | 5500ac2_firmware | < 1.11.0 | Yes |
| Hardware | schneider-electric | 5500ac2 | - | No |
| Operating System | schneider-electric | 5500nac_firmware | < 1.11.0 | Yes |
| Hardware | schneider-electric | 5500nac | - | No |
| Operating System | schneider-electric | 5500nac2_firmware | < 1.11.0 | Yes |
| Hardware | schneider-electric | 5500nac2 | - | No |
| Operating System | schneider-electric | 5500shac_firmware | < 1.11.0 | Yes |
| Hardware | schneider-electric | 5500shac | - | No |
| Operating System | schneider-electric | lss5500nac_firmware | < 1.11.0 | Yes |
| Hardware | schneider-electric | lss5500nac | - | No |
| Operating System | schneider-electric | lss5500shac_firmware | < 1.11.0 | Yes |
| Hardware | schneider-electric | lss5500shac | - | No |