schneider-electric
776 tracked vulnerabilities.
CVE-2026-9718
MEDIUM
Schneider Electric PowerLogic™ P7 - Reachable Assertion
Jun 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9717
HIGH
Schneider Electric PowerLogic™ P7 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Jun 25, 2026
CVSS 7.2
EPSS 0.01
CVE-2026-9716
HIGH
Schneider Electric PowerLogic™ P7 - NULL Pointer Dereference
Jun 25, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8045
MEDIUM
Schneider Electric EcoStruxure™ IT Data Center Expert - Improper Restriction of XML External Entity Reference
Jun 09, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6332
HIGH
Clear Text Storage of Sensitive Information on EcoStruxure™ Machine Expert HVAC
May 14, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6866
HIGH
Initialization of a Resource with an Insecure Default vulnerability on EcoStruxure™ Panel Server
May 12, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-2405
MEDIUM
Schneider Electric PowerChute Serial Shutdown < 1.5 - Denial of Service via Excessive POST /helpabout Requests
Apr 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-2404
MEDIUM
Schneider Electric PowerChute Serial Shutdown <=1.4 - Log Injection
Apr 14, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-2403
MEDIUM
Schneider Electric PowerChute Serial Shutdown <=1.4 - Log Truncation
Apr 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2402
MEDIUM
Schneider Electric PowerChute Serial Shutdown <=v1.4 - Auth Bypass
Apr 14, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-2401
MEDIUM
Schneider Electric PowerChute Serial Shutdown <=1.4 - Info Disclosure
Apr 14, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-2400
MEDIUM
Schneider Electric PowerChute Serial Shutdown <=1.4 - CRLF Injection
Apr 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2399
MEDIUM
PowerChute Serial Shutdown < 1.5 - Path Traversal via /REST/upssleep Request
Apr 14, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-2273
HIGH
Engineering Workstation - Code Injection
Mar 10, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-1286
MEDIUM
Unspecified Product - Deserialization
Mar 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-13902
MEDIUM
Web Server - Cross-Site Scripting
Mar 10, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-13901
MEDIUM
Machine Expert - DoS
Mar 10, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-11739
HIGH
Product Version - Deserialization
Mar 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-13845
HIGH
EcoStruxure Power Build Rapsody - Use-After-Free via Malicious SSD Project File Import
Jan 15, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-13844
MEDIUM
EcoStruxure Power Build - Rapsody < 2.8.8 - Double Free via Malicious SSD File Import
Jan 15, 2026
CVSS 5.3
EPSS 0.00
CVE-2024-9409
HIGH
Schneider Electric PowerLogic PM5341, PM5340, PM5320 Firmware - Denial of Service via IGMP Packet Flood
Nov 13, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-10575
CRITICAL
EcoStruxure IT Gateway - Missing Authorization
Nov 13, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-8422
HIGH
Zelio Soft 2 < 5.4.2.2 - Use-After-Free via Malicious Project File
Oct 08, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-8306
HIGH
Vijeo Designer < 6.3 - Authenticated Privilege Escalation via Binary Tampering
Sep 11, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-6407
CRITICAL
Schneider Electric WHC-5918A Firmware - Information Exposure
Jul 11, 2024
CVSS 9.8
EPSS 0.00
Products
struxureware_data_center_expert 49
interactive_graphical_scada_system 43
modicon_m580_firmware 41
modicon_m340_firmware 39
modicon_m340_bmxp342020_firmware 32
modicon_m340_bmxp3420302_firmware 28
modicon_m340_bmxp341000_firmware 27
ecostruxure_control_expert 26
modicon_m340_bmxp342000_firmware 25
modicon_m340_bmxp3420102_firmware 25
modicon_quantum_firmware 25
easergy_t300_firmware 24
u.motion_builder 24
modicon_premium_firmware 23
140cpu65150_firmware 20
evlink_city_evc1s22p4_firmware 18
evlink_city_evc1s7p4_firmware 18
evlink_parking_evf2_firmware 18
evlink_parking_evw2_firmware 18
evlink_smart_wallbox_evb1a_firmware 18
modicon_m340_bmxp3420102cl_firmware 17
spacelynk_firmware 17
modicon_m221_firmware 16
modicon_m340_bmxp342020h_firmware 16
modicon_m340_bmxp3420302cl_firmware 16
modicon_m340_bmxp3420302h_firmware 16
ibp1110-1er_firmware 15
ibp219-1er_firmware 15
ibp319-1er_firmware 15
ibp519-1er_firmware 15
Quick Filters