Skip to main content

Unity Pro

5 CVEs product

Monthly

CVE-2020-7560 HIGH This Week

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Ecostruxure Control Expert Unity Pro
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2020-7475 CRITICAL Act Now

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Ecostruxure Control Expert Unity Pro Modicon M340 Firmware Modicon M580 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2016-8354 HIGH This Week

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Code Injection Schneider Electric Unity Pro
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2014-9200 HIGH This Week

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow RCE Somachine +3
NVD
CVSS 2.0
7.5
EPSS
2.2%
CVE-2013-0662 CRITICAL POC THREAT Emergency

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%.

Schneider Electric Memory Corruption Buffer Overflow RCE Concept +11
NVD Exploit-DB VulDB
CVSS 2.0
9.3
EPSS
50.6%
Threat
4.9
EPSS 1% CVSS 8.6
HIGH This Week

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Ecostruxure Control Expert Unity Pro
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Ecostruxure Control Expert Unity Pro +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Code Injection Schneider Electric +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow +5
NVD
EPSS 51% 4.9 CVSS 9.3
CRITICAL POC THREAT Emergency

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%.

Schneider Electric Memory Corruption Buffer Overflow +13
NVD Exploit-DB VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy