Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / schneider-electric

schneider-electric

765 tracked vulnerabilities.

CVE-2023-37199 MEDIUM

StruxureWare Data Center Expert < 7.9.3 - Authenticated Remote Code Execution via Backup Tampering

CVE-2023-37198 MEDIUM

StruxureWare Data Center Expert < 7.9.3 - Authenticated Remote Code Execution via Install Package Upload

CVE-2023-37197 HIGH

StruxureWare Data Center Expert < 7.9.3 - Authenticated SQL Injection via Mass Configuration Settings

CVE-2023-37196 HIGH

StruxureWare Data Center Expert < 7.9.3 - Authenticated SQL Injection via Alert Settings Tampering

CVE-2023-3001 HIGH

IGSS Dashboard < 16.0.0.23131 - Remote Code Execution via Malicious File Deserialization

CVE-2023-2570 HIGH

Schneider Electric EcoStruxure Foxboro DCS Control Core Services - Local DoS and Kernel Execution via IOCTL

CVE-2023-2569 HIGH

EcoStruxure Foxboro DCS Control Core Services - Out-of-Bounds Write via IOCTL Call in Foxboro.sys Driver

CVE-2023-1049 HIGH

EcoStruxure Operator Terminal Expert and Pro-Face Blue < 3.3 - Remote Code Execution via Malicious Project File

CVE-2023-2161 MEDIUM

Schneider Electric OPC Factory Server - XML External Entity Reference

CVE-2023-25620 MEDIUM

Schneider Electric Modicon M580 Firmware < 4.10 - Authenticated Denial of Service via Malicious Project File

CVE-2023-25619 HIGH

Modicon M580 Firmware < 4.10 - Denial of Service via Modbus TCP Protocol

CVE-2023-29410 HIGH

Schneider Electric InsightHome, InsightFacility, Conext Gateway Firmware < 1.16 - Authenticated Remote Code Execution

CVE-2023-28004 CRITICAL

PowerLogic HDPM6000 Firmware < 0.58.6 - Denial of Service or Remote Code Execution via Ethernet Request

CVE-2023-29413 HIGH

Schneider Electric APC Easy UPS Online Monitoring Software < 2.5 - Unauthenticated DoS

CVE-2023-29412 CRITICAL

APC Easy UPS Online Monitoring Software < 2.5 Remote Code Execution via Java RMI

CVE-2023-29411 CRITICAL

APC Easy UPS Online Monitoring Software < 2.5-ga-01-22320 and < 2.5-gs-01-22320 - Remote Code Execution via Java RMI

CVE-2023-28003 MEDIUM

EcoStruxure Power Monitoring Expert < 2022 - Insufficient Session Expiration

CVE-2023-25555 MEDIUM

StruxureWare Data Center Expert < 7.9.2 - Authenticated OS Command Injection via SSH

CVE-2023-25554 HIGH

StruxureWare Data Center Expert <= 7.9.2 - OS Command Injection

CVE-2023-25553 MEDIUM

StruxureWare Data Center Expert <= 7.9.2 - Cross-Site Scripting via Logging Capabilities

CVE-2023-25552 HIGH

StruxureWare Data Center Expert < 7.9.2 - Missing Authorization via Device File Transfer Settings

CVE-2023-25551 MEDIUM

StruxureWare Data Center Expert <= 7.9.2 - Cross-Site Scripting via File Upload Endpoint

CVE-2023-25550 HIGH

StruxureWare Data Center Expert < 7.9.2 - Remote Code Execution via Hostname Parameter

CVE-2023-25549 HIGH

StruxureWare Data Center Expert <= 7.9.2 - Remote Code Execution via DCE Network Settings Endpoint

CVE-2023-25548 HIGH

StruxureWare Data Center Expert < 7.9.2 - Incorrect Authorization

Previous Page 3 of 31 Next

Products

struxureware_data_center_expert 48 interactive_graphical_scada_system 43 modicon_m580_firmware 41 modicon_m340_firmware 39 modicon_m340_bmxp342020_firmware 32 modicon_m340_bmxp3420302_firmware 28 modicon_m340_bmxp341000_firmware 27 ecostruxure_control_expert 26 modicon_m340_bmxp342000_firmware 25 modicon_m340_bmxp3420102_firmware 25 modicon_quantum_firmware 25 easergy_t300_firmware 24 u.motion_builder 24 modicon_premium_firmware 23 140cpu65150_firmware 20 evlink_city_evc1s22p4_firmware 18 evlink_city_evc1s7p4_firmware 18 evlink_parking_evf2_firmware 18 evlink_parking_evw2_firmware 18 evlink_smart_wallbox_evb1a_firmware 18 modicon_m340_bmxp3420102cl_firmware 17 spacelynk_firmware 17 modicon_m221_firmware 16 modicon_m340_bmxp342020h_firmware 16 modicon_m340_bmxp3420302cl_firmware 16 modicon_m340_bmxp3420302h_firmware 16 ibp1110-1er_firmware 15 ibp219-1er_firmware 15 ibp319-1er_firmware 15 ibp519-1er_firmware 15

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy