CNNVD-202509-1143 Information

CNNVD ID

CNNVD-202509-1143

Related CVE

CVE-2025-7746

• CNNVD Published: 2025-09-09

Description (Chinese)

Schneider Electric ATV Series是法国施耐德电气（Schneider Electric）公司的一系列变频器。 Schneider Electric ATV Series存在跨站脚本漏洞，该漏洞源于输入中和不当，可能导致跨站脚本攻击。以下产品受到影响：ATV340E Altivar Machine Drives、ATV6000 Medium Voltage Altivar Process Drives和ATS490 Altivar Soft Starter。

Description (English)

Schneider Electric ATV Series is a series of transmissions from Schneider Electric, France. Schneider Electrich ATV Series has a cross-site script loophole, which originates from inappropriate input and may lead to cross-site script attacks. The following products were affected: ATV340E Altivar Machine Drives, ATV6000 Medium Voltage Altivar Production Drives and ATS490 Altivar Soft Starter.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

施耐德电气。

Published

2025-09-09

Last Modified

2026-02-24

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-252-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-252-01.pdf

Patch

https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp