schneider-electric

776 tracked vulnerabilities.

CVE-2020-7502 HIGH
Modicon M218 Firmware < 4.3 - Denial of Service via Crafted TCP/IP Packets
Jun 16, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-7501 HIGH
Vijeo Designer Basic < 1.1 HotFix 16 and Vijeo Designer < 6.2 SP9 - Use of Hard-coded Credentials
Jun 16, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-7500 CRITICAL
Schneider Electric U.motion Servers and Touch Panels < 1.4.2 - SQL Injection
Jun 16, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-7499 MEDIUM
Schneider Electric U.motion Servers and Touch Panels < 1.4.2 - Incorrect Authorization
Jun 16, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-7498 CRITICAL
Unity Loader and OS Loader - Use of Hard-coded Credentials
Jun 16, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-7497 CRITICAL
EcoStruxure Operator Terminal Expert <= 3.1 Service Pack 1 - Path Traversal
Jun 16, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-7495 MEDIUM
EcoStruxure Operator Terminal Expert <= 3.1 Service Pack 1 - Path Traversal via Project File Extraction
Jun 16, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-7494 HIGH
EcoStruxure Operator Terminal Expert <= 3.1 Service Pack 1 - Path Traversal and Remote Code Execution via Project File
Jun 16, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-7493 HIGH
EcoStruxure Operator Terminal Expert <= 3.1 Service Pack 1 - SQL Injection via Project File
Jun 16, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-7492 MEDIUM
GP-Pro EX <4.09.100 - Info Disclosure
Jun 16, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-10626 HIGH
Fazecast jSerialComm <2.2.2 - Code Injection
May 14, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7490 HIGH
Vijeo Designer Basic < 1.1 HotFix 15 and Vijeo Designer < 6.9 SP9 - Untrusted Search Path
Apr 22, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7489 CRITICAL
EcoStruxure Machine Expert and SoMachine Basic - DLL Substitution via Improper Neutralization
Apr 22, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-7488 HIGH
EcoStruxure Machine Expert - Cleartext Transmission of Sensitive Information
Apr 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7487 CRITICAL
EcoStruxure Machine Expert - Insufficient Verification of Data Authenticity
Apr 22, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-7486 HIGH
Schneider Electric Triconex TCM 4351/4352 Firmware v10.4.x and v10.3.x - Denial of Service via High Network Load
Apr 16, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-7485 CRITICAL
TriStation <4.9.0 - Privilege Escalation
Apr 16, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-7484 HIGH
Schneider Electric TriStation 1131 1.0-4.13.0 - Denial of Service via Password Feature
Apr 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7483 HIGH
Schneider Electric TriStation 1131 < 4.12.0 - Cleartext Transmission of Sensitive Information via Password Feature
Apr 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7482 MEDIUM
Andover Continuum - Reflected Cross-Site Scripting via Web Server
Mar 23, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-7481 MEDIUM
Andover Continuum - Cross-Site Scripting via Web Server
Mar 23, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-7480 CRITICAL
Andover Continuum - Code Injection via XML Processing
Mar 23, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-7479 HIGH
Schneider-electric Interactive Graphi... - Missing Authentication
Mar 23, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-7478 HIGH
Interactive Graphical SCADA System < 14.0.0.20009 - Unauthenticated Path Traversal via IGSS Update Service
Mar 23, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-7477 HIGH
Schneider Electric Quantum Ethernet Modules - Denial of Service via Modbus Command
Mar 23, 2020
CVSS 7.5
EPSS 0.01