174
CVEs
52
Critical
64
High
0
KEV
13
PoC
90
Unpatched C/H
23.0%
Patch Rate
3.2%
Avg EPSS
Severity Breakdown
CRITICAL
52
HIGH
64
MEDIUM
52
LOW
6
Monthly CVE Trend
Affected Products (30)
U Motion Builder
23
Imp319 1Er Firmware
15
Ibps110 1Er Firmware
15
Imp1110 1 Firmware
15
Imp519 1Er Firmware
15
Imp519 1 Firmware
15
Imp219 1Er Firmware
15
Imps110 1Er Firmware
15
Imp219 1E Firmware
15
Imp319 1E Firmware
15
Ibp319 1Er Firmware
15
Imp519 1E Firmware
15
Ibp219 1Er Firmware
15
Imp1110 1Er Firmware
15
Imp319 1 Firmware
15
Imps110 1E Firmware
15
Ibp519 1Er Firmware
15
Imp219 1 Firmware
15
Imp1110 1E Firmware
15
Ibp1110 1Er Firmware
15
PHP
13
Mps110 1 Firmware
12
Modicon M340 Bmxp342020 Firmware
9
Modicon M340 Bmxp3420302 Firmware
8
Modicon M340 Bmxp342020H Firmware
8
Modicon M340 Bmxp341000 Firmware
8
Modicon M340 Bmxp3420302H Firmware
8
Modicon M340 Bmxp3420102Cl Firmware
7
Tsxp573634M Firmware
7
Tsxp575634M Firmware
7
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2013-0658 | Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 62.3%. | CRITICAL | 10.0 | 62.3% | 132 |
PoC
No patch
|
| CVE-2013-0657 | Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.4%. | CRITICAL | 10.0 | 61.4% | 131 |
PoC
|
| CVE-2013-0662 | Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%. | CRITICAL | 9.3 | 50.6% | 117 |
PoC
No patch
|
| CVE-2017-6026 | A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.6%. | CRITICAL | 9.1 | 18.6% | 84 |
PoC
No patch
|
| CVE-2017-6019 | An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.5%. | HIGH | 7.5 | 20.5% | 78 |
PoC
No patch
|
| CVE-2017-7575 | Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 1.3% | 70 |
PoC
No patch
|
| CVE-2016-2278 | Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.7 and earlier allows remote authenticated administrators to execute arbitrary OS commands by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.0%. | HIGH | 7.2 | 14.0% | 70 |
PoC
No patch
|
| CVE-2014-9188 | Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6%. | CRITICAL | 10.0 | 19.6% | 70 |
|
| CVE-2014-0754 | Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.9%. | CRITICAL | 10.0 | 18.9% | 69 |
|
| CVE-2017-9629 | A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 19.7% and no vendor patch available. | CRITICAL | 9.8 | 19.7% | 69 |
No patch
|
| CVE-2016-5809 | An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 8.8 | 0.9% | 65 |
PoC
No patch
|
| CVE-2018-7765 | The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.8 | 2.9% | 64 |
PoC
No patch
|
| CVE-2017-7974 | A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | CRITICAL | 9.8 | 7.8% | 57 |
No patch
|
| CVE-2014-9190 | Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | CRITICAL | 10.0 | 6.4% | 56 |
No patch
|
| CVE-2014-8511 | Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | CRITICAL | 10.0 | 5.4% | 55 |
No patch
|