schneider-electric

776 tracked vulnerabilities.

CVE-2020-7476 HIGH
Schneider Electric ULTI ZigBee Installation Toolkit < 1.0.1 - Untrusted Search Path
Mar 23, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7475 CRITICAL
EcoStruxure Control Expert <14.1, Unity Pro, Modicon M340 <3.20, M580 <3.10 - DLL Injection
Mar 23, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-7474 HIGH
ProSoft Configurator < 1.002 - Untrusted Code Execution via DLL Search Path
Mar 23, 2020
CVSS 7.8
EPSS 0.00
CVE-2019-6834 HIGH
Schneider Electric SESU <2.3.0 - Code Injection
Apr 13, 2022
CVSS 7.3
EPSS 0.01
CVE-2019-6859 HIGH
Modicon Controllers - Info Disclosure
Apr 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2019-6858 HIGH
MSX Configurator <V1.0.8.1 - Privilege Escalation
Jan 22, 2020
CVSS 7.8
EPSS 0.00
CVE-2019-6857 HIGH
Modicon M580 < 2.80, M340 < 3.01, Quantum/TSX H/P 57 < 3.20 - Denial of Service via Modbus TCP Memory Block Read
Jan 06, 2020
CVSS 7.5
EPSS 0.02
CVE-2019-6856 HIGH
Modicon M580, M340, Quantum, Premium < 2.80/3.01/3.20 - Denial of Service via Modbus TCP Memory Block Write
Jan 06, 2020
CVSS 7.5
EPSS 0.02
CVE-2019-6855 HIGH
EcoStruxure Control Expert <14.1 - Auth Bypass
Jan 06, 2020
CVSS 7.3
EPSS 0.01
CVE-2019-6854 HIGH
EcoStruxure Geo SCADA Expert <1 Jan 2019 - Improper Authentication
Jan 06, 2020
CVSS 7.8
EPSS 0.00
CVE-2019-6853 MEDIUM
Andover Continuum - Cross-Site Scripting via Web Server
Nov 20, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6852 HIGH
Modicon Controllers - Info Disclosure
Nov 20, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-6851 HIGH
Schneider Electric Modicon M580, M340, Premium, Quantum - File and Directory Information Exposure via TFTP Protocol
Oct 29, 2019
CVSS 7.5
EPSS 0.30
CVE-2019-6850 HIGH
Modicon M580/BMENOC - Info Disclosure
Oct 29, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6849 HIGH
Modicon M580,BMENOC 0311,BMENOC 0321 - Info Disclosure
Oct 29, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6848 HIGH
Modicon M580 and BMENOC - Denial of Service via REST API
Oct 29, 2019
CVSS 8.6
EPSS 0.33
CVE-2019-6847 MEDIUM
Modicon M580, M340, BMxCRA, and 140CRA Firmware - Denial of Service via FTP Firmware Upgrade
Oct 29, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-6846 MEDIUM
Modicon M580, M340, BMxCRA, and 140CRA Firmware - Cleartext Transmission of Sensitive Information via FTP
Oct 29, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6845 HIGH
Modicon M580, M340, Premium, Quantum - Cleartext Transmission of Sensitive Information via Modbus TCP
Oct 29, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-6844 MEDIUM
Modicon M580, M340, BMxCRA and 140CRA Firmware - Denial of Service via Invalid Web Server Image in FTP Firmware Upgrade
Oct 29, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-6843 MEDIUM
Modicon M580, M340, BMxCRA, and 140CRA - Denial of Service via Empty Firmware Package Upgrade
Oct 29, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-6842 MEDIUM
Modicon M580, M340, BMxCRA, and 140CRA Firmware - Denial of Service via FTP Firmware Upgrade
Oct 29, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-6841 MEDIUM
Modicon M580, M340, BMxCRA, and 140CRA - Denial of Service via FTP Firmware Upgrade
Oct 29, 2019
CVSS 4.9
EPSS 0.24
CVE-2019-6840 CRITICAL
Schneider Electric U.motion Server - Format String
Sep 17, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-6839 HIGH
Schneider Electric U.motion Server - Unrestricted File Upload
Sep 17, 2019
CVSS 8.8
EPSS 0.01