schneider-electric
776 tracked vulnerabilities.
CVE-2023-6032
MEDIUM
Network Management Card - Path Traversal
Nov 15, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-5987
MEDIUM
EcoStruxure Power Monitoring Expert - Cross-Site Scripting
Nov 15, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-5986
HIGH
EcoStruxure Power Monitoring Expert - Open Redirect via URL-Encoded Input
Nov 15, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-5985
MEDIUM
ION8650 and ION8800 Firmware - Authenticated Stored Cross-Site Scripting via Modified System Values
Nov 15, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-5984
HIGH
ION8650 and ION8800 Firmware - Authenticated Firmware Upload Without Integrity Check
Nov 15, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-5399
CRITICAL
Schneider Electric SpaceLogic C-Bus Toolkit < 1.16.4 - Path Traversal via File Command
Oct 04, 2023
CVSS 9.8
EPSS 0.39
CVE-2023-5391
CRITICAL
EcoStruxure Power Monitoring Expert - Remote Code Execution via Untrusted Data Deserialization
Oct 04, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-5402
CRITICAL
C-Bus Toolkit < 1.16.3 - Remote Code Execution via Transfer Command
Oct 04, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-4516
HIGH
Schneider Electric IGSS Update Service - Missing Authentication Code Execution
Sep 14, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-3953
MEDIUM
pro-face GP-Pro EX < 4.09.500 - Authenticated Memory Corruption via Tampered Log File
Aug 09, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-29414
HIGH
Schneider Electric Accutech Manager < 2.7 - Local Privilege Escalation via Buffer Overflow
Jul 12, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-37199
MEDIUM
StruxureWare Data Center Expert < 7.9.3 - Authenticated Remote Code Execution via Backup Tampering
Jul 12, 2023
CVSS 6.8
EPSS 0.01
CVE-2023-37198
MEDIUM
StruxureWare Data Center Expert < 7.9.3 - Authenticated Remote Code Execution via Install Package Upload
Jul 12, 2023
CVSS 6.8
EPSS 0.01
CVE-2023-37197
HIGH
StruxureWare Data Center Expert < 7.9.3 - Authenticated SQL Injection via Mass Configuration Settings
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37196
HIGH
StruxureWare Data Center Expert < 7.9.3 - Authenticated SQL Injection via Alert Settings Tampering
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-3001
HIGH
IGSS Dashboard < 16.0.0.23131 - Remote Code Execution via Malicious File Deserialization
Jun 14, 2023
CVSS 7.8
EPSS 0.32
CVE-2023-2570
HIGH
Schneider Electric EcoStruxure Foxboro DCS Control Core Services - Local DoS and Kernel Execution via IOCTL
Jun 14, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-2569
HIGH
EcoStruxure Foxboro DCS Control Core Services - Out-of-Bounds Write via IOCTL Call in Foxboro.sys Driver
Jun 14, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-1049
HIGH
EcoStruxure Operator Terminal Expert and Pro-Face Blue < 3.3 - Remote Code Execution via Malicious Project File
Jun 14, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-2161
MEDIUM
Schneider Electric OPC Factory Server - XML External Entity Reference
May 16, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-25620
MEDIUM
Schneider Electric Modicon M580 Firmware < 4.10 - Authenticated Denial of Service via Malicious Project File
Apr 19, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25619
HIGH
Modicon M580 Firmware < 4.10 - Denial of Service via Modbus TCP Protocol
Apr 19, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-29410
HIGH
Schneider Electric InsightHome, InsightFacility, Conext Gateway Firmware < 1.16 - Authenticated Remote Code Execution
Apr 18, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-28004
CRITICAL
PowerLogic HDPM6000 Firmware < 0.58.6 - Denial of Service or Remote Code Execution via Ethernet Request
Apr 18, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-29413
HIGH
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5 - Unauthenticated DoS
Apr 18, 2023
CVSS 7.5
EPSS 0.01
Products
struxureware_data_center_expert 49
interactive_graphical_scada_system 43
modicon_m580_firmware 41
modicon_m340_firmware 39
modicon_m340_bmxp342020_firmware 32
modicon_m340_bmxp3420302_firmware 28
modicon_m340_bmxp341000_firmware 27
ecostruxure_control_expert 26
modicon_m340_bmxp342000_firmware 25
modicon_m340_bmxp3420102_firmware 25
modicon_quantum_firmware 25
easergy_t300_firmware 24
u.motion_builder 24
modicon_premium_firmware 23
140cpu65150_firmware 20
evlink_city_evc1s22p4_firmware 18
evlink_city_evc1s7p4_firmware 18
evlink_parking_evf2_firmware 18
evlink_parking_evw2_firmware 18
evlink_smart_wallbox_evb1a_firmware 18
modicon_m340_bmxp3420102cl_firmware 17
spacelynk_firmware 17
modicon_m221_firmware 16
modicon_m340_bmxp342020h_firmware 16
modicon_m340_bmxp3420302cl_firmware 16
modicon_m340_bmxp3420302h_firmware 16
ibp1110-1er_firmware 15
ibp219-1er_firmware 15
ibp319-1er_firmware 15
ibp519-1er_firmware 15
Quick Filters