Skip to main content

Vijeo Designer

5 CVEs product

Monthly

CVE-2024-8306 HIGH This Week

access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Vijeo Designer Vijeo Designer Embedded In Ecostruxure Machine Expert
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-22704 CRITICAL Act Now

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Path Traversal Authentication Bypass Vijeo Designer Ecostruxure Machine Expert
NVD
CVSS 3.1
9.1
EPSS
1.3%
CVE-2021-22705 HIGH PATCH This Week

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Authentication Bypass Vijeo Designer Ecostruxure Machine Expert
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-7501 HIGH This Week

A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Vijeo Designer
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-7490 HIGH This Week

A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior), which could cause arbitrary code execution on the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Vijeo Designer
NVD
CVSS 3.1
7.8
EPSS
0.4%
EPSS 0% CVSS 7.8
HIGH This Week

access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Vijeo Designer Vijeo Designer Embedded In Ecostruxure Machine Expert
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Path Traversal Authentication Bypass +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Authentication Bypass +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Vijeo Designer
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior), which could cause arbitrary code execution on the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Vijeo Designer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy