Skip to main content
CVE-2015-3940 MEDIUM PATCH This Month

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Rated medium severity (CVSS 6.9). This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Schneider Electric Wonderware System Platform 2014
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-3963 MEDIUM PATCH This Month

Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Schneider Electric Information Disclosure Vxworks
NVD
CVSS 2.0
5.8
EPSS
3.0%
CVE-2015-3942 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Magnum 10K Firmware Magnum 6K Firmware
NVD
CVSS 2.0
4.3
EPSS
0.8%
CVE-2015-3960 MEDIUM This Month

The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Magnum 10K Firmware Magnum 6K Firmware
NVD
CVSS 2.0
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy