schneider-electric

776 tracked vulnerabilities.

CVE-2020-7527 HIGH
SoMove < 2.8.1 - Incorrect Default Permissions
Aug 31, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7525 HIGH
Schneider Electric spaceLYnk and Wiser for KNX Firmware < 2.5.1 - Unauthenticated Password Brute-Force
Aug 31, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7524 HIGH
Modicon M218 Firmware < 5.0.0.7 - Denial of Service via Crafted IPv4 Packet
Aug 31, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7523 HIGH
Schneider Electric Modbus Serial Driver - Local Privilege Escalation via Service Invocation
Aug 31, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7522 CRITICAL
APC Easy UPS On-Line Software <= 2.0 - Path Traversal via SoundUploadServlet
Aug 31, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-7521 CRITICAL
APC Easy UPS On-Line Software < 2.0 - Path Traversal via FileUploadServlet
Aug 31, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-7520 MEDIUM
Schneider Electric Software Update < 2.4.0 - Open Redirect via Windows Registry Key Manipulation
Jul 23, 2020
CVSS 4.7
EPSS 0.01
CVE-2020-7519 HIGH
Easergy Builder <1.4.7.2 - Info Disclosure
Jul 23, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7518 HIGH
Easergy Builder < 1.4.7.2 - Unauthenticated Project Configuration File Modification
Jul 23, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7517 MEDIUM
Easergy Builder < 1.4.7.2 - Cleartext Storage of Sensitive Information
Jul 23, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-7516 HIGH
Easergy Builder < 1.4.7.2 - Cleartext Storage of Sensitive Information in Memory
Jul 23, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7515 HIGH
Easergy Builder < 1.4.7.2 - Use of Hard-coded Cryptographic Key
Jul 23, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7514 HIGH
Easergy Builder < 1.4.7.2 - Use of a Broken or Risky Cryptographic Algorithm
Jul 23, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7491 HIGH
Tricon system <10.5.3 - Info Disclosure
Jul 23, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7513 HIGH
Easergy T300 Firmware <= 1.5.2 - Cleartext Storage of Sensitive Information
Jun 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7512 CRITICAL
Easergy T300 <1.5.2 - Info Disclosure
Jun 16, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-7511 HIGH
Schneider-electric Easergy T300 Firmware < 1.5.2 - Broken Cryptographic Algorithm
Jun 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7510 HIGH
Easergy T300 Firmware <= 1.5.2 - Exposure of Sensitive Information via Private Key Disclosure
Jun 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7509 HIGH
Schneider-electric Easergy T300 Firmware < 1.5.2 - Improper Privilege Management
Jun 16, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-7508 CRITICAL
Easergy T300 Firmware <= 1.5.2 - Unauthenticated Brute Force Attack
Jun 16, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-7507 HIGH
Easergy T300 Firmware < 1.5.2 - Denial of Service via Repeated Login Attempts
Jun 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7506 HIGH
Easergy T300 Firmware <= 1.5.2 - Information Exposure via Firmware Archive Handling
Jun 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7505 HIGH
Schneider-electric Easergy T300 Firmware < 1.5.2 - Download Without Integrity Check
Jun 16, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-7504 MEDIUM
Easergy T300 Firmware < 1.5.2 - Denial of Service via Crafted Network Packets
Jun 16, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-7503 HIGH
Easergy T300 Firmware < 1.5.2 - Cross-Site Request Forgery via Intercepted XSRF Token
Jun 16, 2020
CVSS 8.8
EPSS 0.01