schneider-electric

776 tracked vulnerabilities.

CVE-2019-6838 MEDIUM
U.motion Server - Incorrect Authorization
Sep 17, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6837 CRITICAL
U.motion Server Firmware < 1.3.7 - Server-Side Request Forgery via URL Manipulation
Sep 17, 2019
CVSS 9.1
EPSS 0.01
CVE-2019-6836 HIGH
U.motion Server Firmware < 1.3.7 - Incorrect Authorization
Sep 17, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-6835 MEDIUM
U.motion Server Firmware < 1.3.7 - Cross-Site Scripting
Sep 17, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-6833 MEDIUM
Magelis HMI Panels - Info Disclosure
Sep 17, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6832 HIGH
spaceLYnk <2.4.0 & Wiser for KNX <2.4.0 - Auth Bypass
Sep 17, 2019
CVSS 8.3
EPSS 0.01
CVE-2019-6831 HIGH
BMXNOR0200H Ethernet / Serial RTU Module - Denial of Service via High Volume IEC 60870-5-104 Packets
Sep 17, 2019
CVSS 8.6
EPSS 0.01
CVE-2019-6830 MEDIUM
Modicon M580 Firmware < 2.80 - Denial of Service via HTTP Request
Sep 17, 2019
CVSS 5.9
EPSS 0.01
CVE-2019-6829 HIGH
Modicon M580 <V2.90, Modicon M340 <V3.10 - DoS
Sep 17, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6828 HIGH
Modicon M580 < 2.90, M340 < 3.10, Premium, Quantum - Denial of Service via Modbus Coil/Register Read
Sep 17, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6826 HIGH
SoMachine HVAC < 2.4.1 - Untrusted Search Path DLL Loading
Sep 17, 2019
CVSS 7.8
EPSS 0.01
CVE-2019-6813 HIGH
Schneider Electric Modicon M340 and BMXNOR0200H - Denial of Service via Truncated SNMP Packets
Sep 17, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6811 HIGH
Modicon Quantum 140 NOE771x1 Firmware <= 6.9 - Denial of Service via Oversized IP Fragmented Packet
Sep 17, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-6810 HIGH
BMXNOR0200H Ethernet / Serial RTU module - Unauthenticated Command Execution via IEC 60870-5-104 Protocol
Sep 17, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-6809 HIGH
Modicon M580 < 2.90, M340 < 3.10, Premium, Quantum - Denial of Service via Invalid Data Handling
Sep 17, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6827 HIGH
Interactive Graphical SCADA System < 12.0 - Out-of-bounds Write via mdb Database Manipulation
Jul 15, 2019
CVSS 7.8
EPSS 0.01
CVE-2019-6825 HIGH
ProClima < 8.0.0 - Uncontrolled Search Path Element via Malicious DLL Execution
Jul 15, 2019
CVSS 7.8
EPSS 0.01
CVE-2019-6824 CRITICAL
ProClima < 8.0.0 - Unauthenticated Remote Code Execution
Jul 15, 2019
CVSS 9.8
EPSS 0.04
CVE-2019-6823 CRITICAL
ProClima < 8.0.0 - Unauthenticated Remote Code Execution
Jul 15, 2019
CVSS 9.8
EPSS 0.05
CVE-2019-6822 HIGH
Zelio Soft 2 <= 5.2 - Remote Code Execution via Crafted Project File
Jul 15, 2019
CVSS 7.8
EPSS 0.04
CVE-2019-10981 HIGH
CitectSCADA 7.30-7.40 and Vijeo Citect 7.30-7.40 - Authenticated Credential Exposure
May 31, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-6808 CRITICAL
Modicon Premium, Quantum, M340, M580 Firmware - Unauthenticated Remote Code Execution via Modbus Configuration Overwrite
May 22, 2019
CVSS 9.8
EPSS 0.08
CVE-2019-6807 HIGH
Modicon M580 < 2.90, M340 < 3.10, Quantum, and Premium - Denial of Service via Modbus Sensitive Variable Write
May 22, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6806 HIGH
Modicon M580 < 2.90, M340 < 3.10, Quantum, and Premium - Information Exposure via Modbus SNMP Variable Read
May 22, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6821 MEDIUM
Modicon M580 <V2.30 - Use After Free
May 22, 2019
CVSS 6.5
EPSS 0.02