schneider-electric

765 tracked vulnerabilities.

CVE-2023-25547 HIGH
StruxureWare Data Center Expert < 7.9.2 - Authenticated Remote Code Execution via Package Upload
Apr 18, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25556 HIGH
Schneider Electric Merten KNX Devices - Improper Authentication via Short Key Entry
Apr 18, 2023
CVSS 8.3
EPSS 0.00
CVE-2023-27976 HIGH
EcoStruxure Control Expert >=15.1 - Remote Code Execution via Malicious Web Endpoint Link
Apr 18, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-1548 MEDIUM
EcoStruxure Control Expert >= V15.1 - DoS
Apr 18, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-27983 MEDIUM
Schneider Electric IGSS < 16.0.0.23040 - Unauthenticated Report Deletion via TCP
Mar 21, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27979 MEDIUM
Schneider Electric IGSS < 16.0.0.23040 - DoS via Crafted TCP Messages
Mar 21, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27977 MEDIUM
Schneider Electric IGSS < 16.0.0.23040 - Unauthenticated File Deletion via TCP
Mar 21, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27984 HIGH
Schneider Electric Custom Reports < 16.0.0.23040 - Remote Code Execution via Malicious Report File
Mar 21, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-27981 HIGH
Schneider Electric IGSS Data Server & Dashboard < 16.0.0.23040 - RCE via Malicious Report
Mar 21, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-27978 HIGH
Schneider Electric IGSS Dashboard < 16.0.0.23040 - Remote Code Execution via Untrusted Data Deserialization
Mar 21, 2023
CVSS 7.8
EPSS 0.04
CVE-2023-27982 HIGH
Schneider Electric IGSS < 16.0.0.23040 - Remote Code Execution via TCP
Mar 21, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-27980 HIGH
Schneider Electric IGSS < 16.0.0.23040 - Unauthenticated RCE via Malicious Report File
Mar 21, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-0595 MEDIUM
EcoStruxure Geo SCADA Expert <October 2022 - Info Disclosure
Feb 24, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-22611 HIGH
EcoStruxure Geo SCADA Expert 2019-2021 - Exposure of Sensitive Information via Database Server TCP Port
Jan 31, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-22610 CRITICAL
EcoStruxure Geo SCADA Expert 2019 - Denial of Service via Database Server TCP Port
Jan 31, 2023
CVSS 9.1
EPSS 0.00
CVE-2022-46680 HIGH
PowerLogic ION9000, ION7400, PM8000, ION8650, ION8800 Firmware < 4.0.0 - Cleartext Transmission of Sensitive Information
May 22, 2023
CVSS 8.8
EPSS 0.00
CVE-2022-43378 MEDIUM
NetBotz 4 - Improper Restriction of Rendered UI Layers or Frames
Apr 18, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-43377 HIGH
Schneider Electric NetBotz 355/450/455/550/570 < 4.7.0 - Excessive Authentication Attempts
Apr 18, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-43376 HIGH
NetBotz 4 355/450/455/550/570 < 4.7.0 - Cross-Site Scripting
Apr 18, 2023
CVSS 7.6
EPSS 0.01
CVE-2022-34755 MEDIUM
Easergy Builder Installer < 1.7.23 - Uncontrolled Search Path Element
Apr 18, 2023
CVSS 6.3
EPSS 0.00
CVE-2022-4062 HIGH
EcoStruxure Power Commission <V2.25 - Improper Authorization
Feb 01, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-42973 HIGH
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5-GA-01-22320 - Local Privilege Escalation
Feb 01, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-42972 HIGH
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5-GA-01-22320 - Local Privilege Escalation
Feb 01, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-42971 CRITICAL
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5-GA-01-22320 - RCE via JSP Upload
Feb 01, 2023
CVSS 9.8
EPSS 0.03
CVE-2022-42970 CRITICAL
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5-GA-01-22320 - Unauthenticated Critical Function Access
Feb 01, 2023
CVSS 9.8
EPSS 0.01
Products
struxureware_data_center_expert 48 interactive_graphical_scada_system 43 modicon_m580_firmware 41 modicon_m340_firmware 39 modicon_m340_bmxp342020_firmware 32 modicon_m340_bmxp3420302_firmware 28 modicon_m340_bmxp341000_firmware 27 ecostruxure_control_expert 26 modicon_m340_bmxp342000_firmware 25 modicon_m340_bmxp3420102_firmware 25 modicon_quantum_firmware 25 easergy_t300_firmware 24 u.motion_builder 24 modicon_premium_firmware 23 140cpu65150_firmware 20 evlink_city_evc1s22p4_firmware 18 evlink_city_evc1s7p4_firmware 18 evlink_parking_evf2_firmware 18 evlink_parking_evw2_firmware 18 evlink_smart_wallbox_evb1a_firmware 18 modicon_m340_bmxp3420102cl_firmware 17 spacelynk_firmware 17 modicon_m221_firmware 16 modicon_m340_bmxp342020h_firmware 16 modicon_m340_bmxp3420302cl_firmware 16 modicon_m340_bmxp3420302h_firmware 16 ibp1110-1er_firmware 15 ibp219-1er_firmware 15 ibp319-1er_firmware 15 ibp519-1er_firmware 15
Quick Filters
Critical CVEs With Exploits In CISA KEV