schneider-electric

776 tracked vulnerabilities.

CVE-2023-29412 CRITICAL
APC Easy UPS Online Monitoring Software < 2.5 Remote Code Execution via Java RMI
Apr 18, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-29411 CRITICAL
APC Easy UPS Online Monitoring Software < 2.5-ga-01-22320 and < 2.5-gs-01-22320 - Remote Code Execution via Java RMI
Apr 18, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-28003 MEDIUM
EcoStruxure Power Monitoring Expert < 2022 - Insufficient Session Expiration
Apr 18, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-25555 MEDIUM
StruxureWare Data Center Expert < 7.9.2 - Authenticated OS Command Injection via SSH
Apr 18, 2023
CVSS 5.6
EPSS 0.01
CVE-2023-25554 HIGH
StruxureWare Data Center Expert <= 7.9.2 - OS Command Injection
Apr 18, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-25553 MEDIUM
StruxureWare Data Center Expert <= 7.9.2 - Cross-Site Scripting via Logging Capabilities
Apr 18, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-25552 HIGH
StruxureWare Data Center Expert < 7.9.2 - Missing Authorization via Device File Transfer Settings
Apr 18, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-25551 MEDIUM
StruxureWare Data Center Expert <= 7.9.2 - Cross-Site Scripting via File Upload Endpoint
Apr 18, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-25550 HIGH
StruxureWare Data Center Expert < 7.9.2 - Remote Code Execution via Hostname Parameter
Apr 18, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-25549 HIGH
StruxureWare Data Center Expert <= 7.9.2 - Remote Code Execution via DCE Network Settings Endpoint
Apr 18, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-25548 HIGH
StruxureWare Data Center Expert < 7.9.2 - Incorrect Authorization
Apr 18, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25547 HIGH
StruxureWare Data Center Expert < 7.9.2 - Authenticated Remote Code Execution via Package Upload
Apr 18, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25556 HIGH
Schneider Electric Merten KNX Devices - Improper Authentication via Short Key Entry
Apr 18, 2023
CVSS 8.3
EPSS 0.00
CVE-2023-27976 HIGH
EcoStruxure Control Expert >=15.1 - Remote Code Execution via Malicious Web Endpoint Link
Apr 18, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-1548 MEDIUM
EcoStruxure Control Expert >= V15.1 - DoS
Apr 18, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-27983 MEDIUM
Schneider Electric IGSS < 16.0.0.23040 - Unauthenticated Report Deletion via TCP
Mar 21, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27979 MEDIUM
Schneider Electric IGSS < 16.0.0.23040 - DoS via Crafted TCP Messages
Mar 21, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27977 MEDIUM
Schneider Electric IGSS < 16.0.0.23040 - Unauthenticated File Deletion via TCP
Mar 21, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27984 HIGH
Schneider Electric Custom Reports < 16.0.0.23040 - Remote Code Execution via Malicious Report File
Mar 21, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-27981 HIGH
Schneider Electric IGSS Data Server & Dashboard < 16.0.0.23040 - RCE via Malicious Report
Mar 21, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-27978 HIGH
Schneider Electric IGSS Dashboard < 16.0.0.23040 - Remote Code Execution via Untrusted Data Deserialization
Mar 21, 2023
CVSS 7.8
EPSS 0.06
CVE-2023-27982 HIGH
Schneider Electric IGSS < 16.0.0.23040 - Remote Code Execution via TCP
Mar 21, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-27980 HIGH
Schneider Electric IGSS < 16.0.0.23040 - Unauthenticated RCE via Malicious Report File
Mar 21, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-0595 MEDIUM
EcoStruxure Geo SCADA Expert <October 2022 - Info Disclosure
Feb 24, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-22611 HIGH
EcoStruxure Geo SCADA Expert 2019-2021 - Exposure of Sensitive Information via Database Server TCP Port
Jan 31, 2023
CVSS 7.5
EPSS 0.01