schneider-electric

776 tracked vulnerabilities.

CVE-2020-7559 HIGH
EcoStruxure Control Expert - Classic Buffer Overflow via Modbus Request
Nov 19, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-7558 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7557 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7556 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7555 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7554 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7553 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7552 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7551 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7550 HIGH
Interactive Graphical SCADA System < 14.0.0.20247 - Remote Code Execution via Malicious CGF File Import
Nov 19, 2020
CVSS 7.8
EPSS 0.02
CVE-2020-7544 HIGH
EcoStruxure Operator Terminal Expert Runtime - Privilege Escalation via Driver Interaction
Nov 19, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7538 HIGH
EcoStruxure Control Expert - Denial of Service via Modbus Request
Nov 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-28213 HIGH
EcoStruxure Control Expert - Unauthorized Command Execution via Modbus Requests
Nov 19, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-28212 CRITICAL
EcoStruxure Control Expert - Unauthenticated Brute Force Attack via Modbus
Nov 19, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-28211 HIGH
EcoStruxure Control Expert - Incorrect Authorization via Debugger Memory Overwrite
Nov 19, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-28209 HIGH
EcoStruxure Building Operation <3.1 - Privilege Escalation
Nov 19, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-28210 MEDIUM
EcoStruxure Building Operation 2.0-3.1 - Cross-Site Scripting
Nov 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-7564 HIGH
Modicon M340, Quantum and Premium Legacy - Classic Buffer Overflow via FTP File Upload
Nov 18, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-7563 HIGH
Modicon M340, Quantum and Premium Legacy - Out-of-bounds Write via FTP File Upload
Nov 18, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-7562 HIGH
Modicon M340, Quantum, and Premium Legacy - Out-of-bounds Read via FTP File Upload
Nov 18, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-7532 HIGH
SCADAPack x70 Security Administrator < 1.2.0 - Remote Code Execution via Malicious .SDB File
Sep 16, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-7531 HIGH
SCADAPack 7x Remote Connect < 3.6.3.574 - Unauthenticated Arbitrary Code Execution via Executable Placement
Sep 16, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-7530 HIGH
SCADAPack 7x Remote Connect < 3.6.3.574 - Improper Authorization
Sep 16, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-7529 MEDIUM
SCADAPack 7x Remote Connect < 3.6.3.574 - Path Traversal via Crafted .RCZ File
Sep 16, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-7528 HIGH
SCADAPack 7x Remote Connect < 3.6.3.574 - Remote Code Execution via Malicious .PRJ File
Sep 16, 2020
CVSS 7.8
EPSS 0.01