Skip to main content

Schneider Electric

174 CVEs vendor

Monthly

CVE-2017-7967 MEDIUM This Month

All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Schneider Electric Vampset
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8371 MEDIUM PATCH This Month

Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses cleartext RAM storage for passwords, which might allow remote attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Schneider Electric Information Disclosure Struxureware Data Center Expert
NVD
CVSS 3.0
6.8
EPSS
0.2%
CVE-2017-5160 MEDIUM This Month

An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Intouch Access Anywhere
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2017-5158 CRITICAL Act Now

An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Intouch Access Anywhere
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2017-5156 HIGH This Week

A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Schneider Electric Wonderware Intouch Access Anywhere
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2017-7689 CRITICAL Act Now

A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Command Injection Homelynk Controller Lss100100 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.2%
CVE-2017-6033 HIGH This Week

A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Interactive Graphical Scada System
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-6019 HIGH POC THREAT Act Now

An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.5%.

Denial Of Service Schneider Electric Conext Combox 865 1058 Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
20.5%
CVE-2017-7575 CRITICAL POC Act Now

Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Schneider Electric Information Disclosure
NVD VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2017-7574 CRITICAL Act Now

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Schneider Electric
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2017-5178 CRITICAL Act Now

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Schneider Electric Tableau Desktop Tableau Server +1
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2017-5157 MEDIUM This Month

An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Schneider Electric Homelynk Controller Lss100100 Firmware
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-5155 HIGH This Week

An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Historian
NVD
CVSS 3.0
7.3
EPSS
0.6%
CVE-2016-8374 HIGH This Week

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Schneider Electric Magelis Gtu Universal Panel Firmware Magelis Gto Advanced Optimum Panel Firmware +6
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2016-8367 MEDIUM This Month

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.7% and no vendor patch available.

Denial Of Service Microsoft Schneider Electric Magelis Gtu Universal Panel Firmware Magelis Gto Advanced Optimum Panel Firmware +6
NVD
CVSS 3.1
5.3
EPSS
13.7%
CVE-2016-8354 HIGH This Week

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Code Injection Schneider Electric Unity Pro
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2016-8352 CRITICAL Act Now

An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Schneider Electric Connexium Firmware
NVD
CVSS 3.0
10.0
EPSS
2.5%
CVE-2016-5818 CRITICAL PATCH Act Now

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Schneider Electric Powerlogic Pm8Ecc Firmware
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2016-5815 CRITICAL Act Now

An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Schneider Electric Ion5000 Ion7300 Ion7500 +3
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-5809 HIGH POC This Week

An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Schneider Electric Ion5000 Ion7300 Ion7500 +3
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
0.9%
CVE-2016-4529 HIGH PATCH This Week

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Schneider Electric RCE Somachine Hvac Firmware
NVD
CVSS 3.1
7.3
EPSS
4.3%
CVE-2016-4520 CRITICAL PATCH Act Now

Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Schneider Electric RCE Pelco Digital Sentry Video Management System Firmware
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2016-4513 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Schneider Electric PowerLogic PM8ECC module before 2.651 for PowerMeter 800 devices allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Schneider Electric Powerlogic Pm8Ecc Firmware
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2015-6485 MEDIUM This Month

Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Telvent Rtu Firmware
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-2278 HIGH POC THREAT Act Now

Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.7 and earlier allows remote authenticated administrators to execute arbitrary OS commands by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.0%.

Schneider Electric Authentication Bypass Struxureware Building Operations Automation Server As Firmware Struxureware Building Operations Automation Server As P Firmware
NVD Exploit-DB
CVSS 3.0
7.2
EPSS
14.0%
CVE-2015-7937 CRITICAL Act Now

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Buffer Overflow RCE Bmxnoc0401 Bmxnoe0100 +11
NVD
CVSS 2.0
10.0
EPSS
1.9%
CVE-2015-8561 MEDIUM This Month

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
6.8
EPSS
3.8%
CVE-2015-7918 MEDIUM This Month

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 11.2% and no vendor patch available.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
6.8
EPSS
11.2%
CVE-2015-3977 HIGH This Week

Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory. Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric Buffer Overflow RCE Imt25 Magnetic Flow Dtm
NVD
CVSS 2.0
7.7
EPSS
0.1%
CVE-2015-7375 HIGH This Week

Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code or cause a denial of service (unhandled runtime exception and application crash) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric RCE Web Studio
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-7374 HIGH This Week

The Remote Agent component in Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-2649. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric RCE Web Studio
NVD
CVSS 2.0
7.5
EPSS
1.8%
CVE-2015-3962 MEDIUM This Month

Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the client-server data stream, which allows remote attackers to discover credentials by sniffing the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Struxureware Building Expert Multi Purpose Management
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-3963 MEDIUM PATCH This Month

Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Schneider Electric Information Disclosure Vxworks
NVD
CVSS 2.0
5.8
EPSS
3.0%
CVE-2015-3940 MEDIUM PATCH This Month

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Rated medium severity (CVSS 6.9). This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Schneider Electric Wonderware System Platform 2014
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-1009 LOW Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local. Rated low severity (CVSS 1.7), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Web Studio Intouch
NVD
CVSS 2.0
1.7
EPSS
0.1%
CVE-2014-8390 MEDIUM POC PATCH This Month

Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 allow local users to gain privileges via malformed disturbance-recording data in a (1) CFG or (2) DAT file. Rated medium severity (CVSS 4.4). Public exploit code available.

Schneider Electric Buffer Overflow Vampset
NVD
CVSS 2.0
4.4
EPSS
0.2%
CVE-2015-0999 LOW PATCH Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Schneider Electric Information Disclosure Aveva Edge Wonderware Intouch 2014
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-0998 LOW PATCH Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Schneider Electric Information Disclosure Aveva Edge Wonderware Intouch 2014
NVD
CVSS 2.0
3.3
EPSS
0.2%
CVE-2015-0997 MEDIUM PATCH This Month

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Schneider Electric Information Disclosure Aveva Edge Wonderware Intouch 2014
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-0996 LOW PATCH Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Schneider Electric Information Disclosure Aveva Edge Wonderware Intouch 2014
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-0982 HIGH PATCH This Week

Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-NVs before 7.8.90 allows remote attackers to execute arbitrary code via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Schneider Electric Buffer Overflow RCE Pelco Ds Nv
NVD
CVSS 2.0
7.5
EPSS
6.0%
CVE-2014-9206 MEDIUM This Month

Stack-based buffer overflow in Device Type Manager (DTM) 3.1.6 and earlier for Schneider Electric Invensys SRD Control Valve Positioner devices 960 and 991 allows local users to gain privileges via a. Rated medium severity (CVSS 6.9). No vendor patch available.

Schneider Electric Buffer Overflow Device Type Manager
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2014-9200 HIGH This Week

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow RCE Somachine +3
NVD
CVSS 2.0
7.5
EPSS
2.2%
CVE-2014-9198 CRITICAL PATCH Act Now

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Schneider Electric Authentication Bypass Etg3000 Factorycast Hmi Gateway Firmware Tsxetg3000 Tsxetg3010 +2
NVD
CVSS 2.0
10.0
EPSS
0.8%
CVE-2014-9197 CRITICAL PATCH Act Now

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Schneider Electric Authentication Bypass Etg3000 Factorycast Hmi Gateway Firmware Tsxetg3000 Tsxetg3010 +2
NVD
CVSS 2.0
10.0
EPSS
0.3%
CVE-2014-9190 CRITICAL Act Now

Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow RCE Wonderware Intouch Access Anywhere Server
NVD
CVSS 2.0
10.0
EPSS
6.4%
CVE-2014-9188 CRITICAL PATCH Act Now

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6%.

Command Injection Schneider Electric RCE Buffer Overflow Proclima
NVD
CVSS 2.0
10.0
EPSS
19.6%
CVE-2014-8514 HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
3.6%
CVE-2014-8513 HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2014-8512 HIGH PATCH This Week

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2014-8511 CRITICAL Act Now

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
10.0
EPSS
5.4%
CVE-2014-0754 CRITICAL PATCH Act Now

Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.9%.

Path Traversal Schneider Electric Stbnic2212 Firmware Stbnip2212 Firmware Tsxetc0101 Firmware +40
NVD
CVSS 2.0
10.0
EPSS
18.9%
CVE-2014-5413 MEDIUM This Month

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorithm for an X.509 certificate, which makes it easier for remote attackers to spoof servers via a. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Clearscada Scada Expert Clearscada
NVD GitHub
CVSS 2.0
6.4
EPSS
0.3%
CVE-2014-5412 MEDIUM This Month

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Authentication Bypass Clearscada Scada Expert Clearscada
NVD GitHub
CVSS 2.0
6.4
EPSS
0.5%
CVE-2014-5411 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

XSS Schneider Electric Clearscada Scada Expert Clearscada
NVD GitHub
CVSS 2.0
4.9
EPSS
0.5%
CVE-2014-5407 MEDIUM This Month

Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2). Rated medium severity (CVSS 4.1). No vendor patch available.

Denial Of Service Schneider Electric Stack Overflow Buffer Overflow Vampset
NVD GitHub
CVSS 2.0
4.1
EPSS
0.1%
CVE-2014-5399 HIGH This Week

SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric SQLi Wonderware Information Server
NVD GitHub
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-5398 LOW Monitor

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric XXE Denial Of Service Wonderware Information Server
NVD GitHub
CVSS 2.0
2.1
EPSS
0.3%
CVE-2014-5397 HIGH This Week

Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Schneider Electric Wonderware Information Server
NVD GitHub
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-2381 LOW Monitor

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Information Server
NVD GitHub
CVSS 2.0
2.1
EPSS
0.0%
CVE-2014-2380 HIGH This Week

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Information Server
NVD GitHub
CVSS 2.0
7.8
EPSS
0.1%
CVE-2014-0789 MEDIUM This Month

Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Denial Of Service Schneider Electric Buffer Overflow Opc Factory Server Tlxcdlfofs +4
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2013-0662 CRITICAL POC THREAT Emergency

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%.

Schneider Electric Memory Corruption Buffer Overflow RCE Concept +11
NVD Exploit-DB VulDB
CVSS 2.0
9.3
EPSS
50.6%
Threat
4.9
CVE-2014-0779 MEDIUM This Month

The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 component in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R2 build 71.4165, 2010 R2.1 build 71.4325, 2010 R3 build. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Schneider Electric Buffer Overflow Clearscada
NVD
CVSS 2.0
6.8
EPSS
0.7%
CVE-2014-0774 MEDIUM This Month

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Schneider Electric Ofs Test Client Tlxcdlfofs33 Ofs Test Client Tlxcdltofs33 +4
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-0759 MEDIUM This Month

Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed. Rated medium severity (CVSS 5.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Microsoft Information Disclosure
NVD VulDB
CVSS 3.1
5.9
EPSS
0.7%
CVE-2013-2824 HIGH PATCH This Week

Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Schneider Electric Citectscada Powerlogic Scada Struxureware Powerscada Expert +1
NVD
CVSS 2.0
7.8
EPSS
0.2%
CVE-2013-6143 MEDIUM This Month

The Schneider Electric Telvent SAGE 3030 RTU with firmware C3413-500-001D3_P4 and C3413-500-001F0_PB allows remote attackers to cause a denial of service (temporary outage and CPU consumption) via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric Telvent Sage 3030 Firmware
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-6142 MEDIUM This Month

DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA 2010 R2 through 2010 R3.1 and SCADA Expert ClearSCADA 2013 R1 through 2013 R1.2 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Schneider Electric Clearscada
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-2782 CRITICAL Act Now

Schneider Electric Trio J-Series License Free Ethernet Radio with firmware 3.6.0 through 3.6.3 uses the same AES encryption key across different customers' installations, which makes it easier for. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric Information Disclosure Tburjr900 Tburjr900 Firmware
NVD
CVSS 2.0
9.3
EPSS
0.3%
CVE-2013-2796 MEDIUM PATCH This Month

Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet. Rated medium severity (CVSS 6.9).

Privilege Escalation Denial Of Service Schneider Electric XXE Citectscada +2
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2013-0687 MEDIUM This Month

The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for executable files, which allows local users to modify the service or the configuration files, and. Rated medium severity (CVSS 6.6). No vendor patch available.

Privilege Escalation Schneider Electric Micom S1 Studio
NVD
CVSS 2.0
6.6
EPSS
0.0%
CVE-2013-2763 MEDIUM This Month

The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric Modicon M340 Bmx Noc 0401 Firmware Modicon M340 Bmx Noe 0100 Firmware Modicon M340 Bmx Noe 0100H Firmware +9
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-2762 CRITICAL Act Now

The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Authentication Bypass Magelis Xbt Hmi
NVD
CVSS 2.0
10.0
EPSS
0.1%
CVE-2013-2761 MEDIUM This Month

The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules allow remote authenticated users to cause a denial of service (module crash) via crafted FTP traffic, as demonstrated by the. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Schneider Electric Modicon M340
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2013-0664 HIGH This Week

The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages,. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric RCE Modicon Quantum Plc Modicon M340 Modicon Premium
NVD
CVSS 2.0
8.5
EPSS
1.2%
CVE-2013-0663 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103,. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Schneider Electric Modicon Quantum Plc Modicon M340 Modicon Premium
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-0658 CRITICAL POC THREAT Emergency

Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 62.3%.

Buffer Overflow Schneider Electric RCE Accutech Manager
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
62.3%
Threat
5.4
CVE-2013-0657 CRITICAL POC PATCH THREAT Act Now

Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.4%.

Buffer Overflow Schneider Electric RCE Interactive Graphical Scada System
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
61.4%
Threat
5.3
CVE-2013-0655 CRITICAL Act Now

The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric RCE Software Update Utility
NVD
CVSS 2.0
9.3
EPSS
1.5%
CVE-2012-1990 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Schneider Electric XSS Kerweb Kerwin
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2012-0931 CRITICAL Act Now

Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Schneider Electric Denial Of Service Authentication Bypass Modicon Quantum Plc
NVD
CVSS 3.1
9.8
EPSS
4.1%
CVE-2012-0930 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric XSS Modicon Quantum Plc
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2012-0929 HIGH Act Now

Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the (1) FTP server or (2) HTTP server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.5% and no vendor patch available.

Buffer Overflow Denial Of Service Schneider Electric Modicon Quantum Plc
NVD
CVSS 3.1
7.5
EPSS
12.5%
EPSS 0% CVSS 5.5
MEDIUM This Month

All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Schneider Electric +1
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses cleartext RAM storage for passwords, which might allow remote attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Schneider Electric Information Disclosure Struxureware Data Center Expert
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Intouch Access Anywhere
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Intouch Access Anywhere
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Schneider Electric Wonderware Intouch Access Anywhere
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Command Injection Homelynk Controller Lss100100 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Interactive Graphical Scada System
NVD
EPSS 21% CVSS 7.5
HIGH POC THREAT Act Now

An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.5%.

Denial Of Service Schneider Electric Conext Combox 865 1058 Firmware
NVD Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Schneider Electric Information Disclosure
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Schneider Electric
NVD VulDB
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Schneider Electric +3
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Schneider Electric Homelynk Controller Lss100100 Firmware
NVD
EPSS 1% CVSS 7.3
HIGH This Week

An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Historian
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Schneider Electric +8
NVD
EPSS 14% CVSS 5.3
MEDIUM This Month

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.7% and no vendor patch available.

Denial Of Service Microsoft Schneider Electric +8
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Code Injection Schneider Electric +1
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Schneider Electric Connexium Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Schneider Electric Powerlogic Pm8Ecc Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Schneider Electric Ion5000 +5
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Schneider Electric Ion5000 +5
NVD Exploit-DB
EPSS 4% CVSS 7.3
HIGH PATCH This Week

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Schneider Electric RCE Somachine Hvac Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Schneider Electric RCE Pelco Digital Sentry Video Management System Firmware
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Schneider Electric PowerLogic PM8ECC module before 2.651 for PowerMeter 800 devices allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Schneider Electric Powerlogic Pm8Ecc Firmware
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Telvent Rtu Firmware
NVD
EPSS 14% CVSS 7.2
HIGH POC THREAT Act Now

Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.7 and earlier allows remote authenticated administrators to execute arbitrary OS commands by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.0%.

Schneider Electric Authentication Bypass Struxureware Building Operations Automation Server As Firmware +1
NVD Exploit-DB
EPSS 2% CVSS 10.0
CRITICAL Act Now

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Buffer Overflow RCE +13
NVD
EPSS 4% CVSS 6.8
MEDIUM This Month

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Schneider Electric Buffer Overflow +2
NVD
EPSS 11% CVSS 6.8
MEDIUM This Month

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 11.2% and no vendor patch available.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.7
HIGH This Week

Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory. Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric Buffer Overflow +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code or cause a denial of service (unhandled runtime exception and application crash) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric RCE +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

The Remote Agent component in Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-2649. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric RCE Web Studio
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the client-server data stream, which allows remote attackers to discover credentials by sniffing the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Struxureware Building Expert Multi Purpose Management
NVD
EPSS 3% CVSS 5.8
MEDIUM PATCH This Month

Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Schneider Electric Information Disclosure Vxworks
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Rated medium severity (CVSS 6.9). This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Schneider Electric Wonderware System Platform 2014
NVD
EPSS 0% CVSS 1.7
LOW Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local. Rated low severity (CVSS 1.7), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Web Studio +1
NVD
EPSS 0% CVSS 4.4
MEDIUM POC PATCH This Month

Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 allow local users to gain privileges via malformed disturbance-recording data in a (1) CFG or (2) DAT file. Rated medium severity (CVSS 4.4). Public exploit code available.

Schneider Electric Buffer Overflow Vampset
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Schneider Electric Information Disclosure Aveva Edge +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Schneider Electric Information Disclosure Aveva Edge +1
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Schneider Electric Information Disclosure Aveva Edge +1
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Schneider Electric Information Disclosure Aveva Edge +1
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-NVs before 7.8.90 allows remote attackers to execute arbitrary code via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Stack-based buffer overflow in Device Type Manager (DTM) 3.1.6 and earlier for Schneider Electric Invensys SRD Control Valve Positioner devices 960 and 991 allows local users to gain privileges via a. Rated medium severity (CVSS 6.9). No vendor patch available.

Schneider Electric Buffer Overflow Device Type Manager
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow +5
NVD
EPSS 1% CVSS 10.0
CRITICAL PATCH Act Now

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Schneider Electric Authentication Bypass Etg3000 Factorycast Hmi Gateway Firmware +4
NVD
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Schneider Electric Authentication Bypass Etg3000 Factorycast Hmi Gateway Firmware +4
NVD
EPSS 6% CVSS 10.0
CRITICAL Act Now

Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow +2
NVD
EPSS 20% CVSS 10.0
CRITICAL PATCH Act Now

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6%.

Command Injection Schneider Electric RCE +2
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 5% CVSS 10.0
CRITICAL Act Now

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 19% CVSS 10.0
CRITICAL PATCH Act Now

Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.9%.

Path Traversal Schneider Electric Stbnic2212 Firmware +42
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorithm for an X.509 certificate, which makes it easier for remote attackers to spoof servers via a. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Clearscada +1
NVD GitHub
EPSS 1% CVSS 6.4
MEDIUM This Month

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Authentication Bypass Clearscada +1
NVD GitHub
EPSS 0% CVSS 4.9
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

XSS Schneider Electric Clearscada +1
NVD GitHub
EPSS 0% CVSS 4.1
MEDIUM This Month

Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2). Rated medium severity (CVSS 4.1). No vendor patch available.

Denial Of Service Schneider Electric Stack Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric SQLi Wonderware Information Server
NVD GitHub
EPSS 0% CVSS 2.1
LOW Monitor

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric XXE Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Schneider Electric Wonderware Information Server
NVD GitHub
EPSS 0% CVSS 2.1
LOW Monitor

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Information Server
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Information Server
NVD GitHub
EPSS 1% CVSS 5.0
MEDIUM This Month

Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Denial Of Service Schneider Electric +6
NVD
EPSS 51% 4.9 CVSS 9.3
CRITICAL POC THREAT Emergency

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%.

Schneider Electric Memory Corruption Buffer Overflow +13
NVD Exploit-DB VulDB
EPSS 1% CVSS 6.8
MEDIUM This Month

The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 component in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R2 build 71.4165, 2010 R2.1 build 71.4325, 2010 R3 build. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Schneider Electric Buffer Overflow +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Schneider Electric +6
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed. Rated medium severity (CVSS 5.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Microsoft Information Disclosure
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Schneider Electric Citectscada +3
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The Schneider Electric Telvent SAGE 3030 RTU with firmware C3413-500-001D3_P4 and C3413-500-001F0_PB allows remote attackers to cause a denial of service (temporary outage and CPU consumption) via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric Telvent Sage 3030 Firmware
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA 2010 R2 through 2010 R3.1 and SCADA Expert ClearSCADA 2013 R1 through 2013 R1.2 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Schneider Electric Clearscada
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Schneider Electric Trio J-Series License Free Ethernet Radio with firmware 3.6.0 through 3.6.3 uses the same AES encryption key across different customers' installations, which makes it easier for. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric Information Disclosure Tburjr900 +1
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet. Rated medium severity (CVSS 6.9).

Privilege Escalation Denial Of Service Schneider Electric +4
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for executable files, which allows local users to modify the service or the configuration files, and. Rated medium severity (CVSS 6.6). No vendor patch available.

Privilege Escalation Schneider Electric Micom S1 Studio
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric Modicon M340 Bmx Noc 0401 Firmware +11
NVD
EPSS 0% CVSS 10.0
CRITICAL Act Now

The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Authentication Bypass Magelis Xbt Hmi
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules allow remote authenticated users to cause a denial of service (module crash) via crafted FTP traffic, as demonstrated by the. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Schneider Electric +1
NVD
EPSS 1% CVSS 8.5
HIGH This Week

The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages,. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric RCE Modicon Quantum Plc +2
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103,. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Schneider Electric Modicon Quantum Plc +2
NVD Exploit-DB
EPSS 62% 5.4 CVSS 10.0
CRITICAL POC THREAT Emergency

Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 62.3%.

Buffer Overflow Schneider Electric RCE +1
NVD Exploit-DB
EPSS 61% 5.3 CVSS 10.0
CRITICAL POC PATCH THREAT Act Now

Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.4%.

Buffer Overflow Schneider Electric RCE +1
NVD Exploit-DB
EPSS 1% CVSS 9.3
CRITICAL Act Now

The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric RCE Software Update Utility
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Schneider Electric XSS Kerweb +1
NVD Exploit-DB
EPSS 4% CVSS 9.8
CRITICAL Act Now

Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Schneider Electric Denial Of Service +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric XSS Modicon Quantum Plc
NVD
EPSS 13% CVSS 7.5
HIGH Act Now

Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the (1) FTP server or (2) HTTP server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.5% and no vendor patch available.

Buffer Overflow Denial Of Service Schneider Electric +1
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy