Skip to main content

Software Update Utility

3 CVEs product

Monthly

CVE-2020-7520 MEDIUM PATCH This Month

A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required.

Schneider Electric Microsoft Open Redirect Software Update Utility
NVD
CVSS 3.1
4.7
EPSS
0.9%
CVE-2018-7799 HIGH This Week

A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Schneider Electric RCE Software Update Utility
NVD
CVSS 3.0
7.8
EPSS
2.8%
CVE-2013-0655 CRITICAL Act Now

The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric RCE Software Update Utility
NVD
CVSS 2.0
9.3
EPSS
1.5%
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required.

Schneider Electric Microsoft Open Redirect +1
NVD
EPSS 3% CVSS 7.8
HIGH This Week

A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Schneider Electric RCE Software Update Utility
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric RCE Software Update Utility
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy