schneider-electric

776 tracked vulnerabilities.

CVE-2023-22610 CRITICAL
EcoStruxure Geo SCADA Expert 2019 - Denial of Service via Database Server TCP Port
Jan 31, 2023
CVSS 9.1
EPSS 0.01
CVE-2022-46680 HIGH
PowerLogic ION9000, ION7400, PM8000, ION8650, ION8800 Firmware < 4.0.0 - Cleartext Transmission of Sensitive Information
May 22, 2023
CVSS 8.8
EPSS 0.00
CVE-2022-43378 MEDIUM
NetBotz 4 - Improper Restriction of Rendered UI Layers or Frames
Apr 18, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-43377 HIGH
Schneider Electric NetBotz 355/450/455/550/570 < 4.7.0 - Excessive Authentication Attempts
Apr 18, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-43376 HIGH
NetBotz 4 355/450/455/550/570 < 4.7.0 - Cross-Site Scripting
Apr 18, 2023
CVSS 7.6
EPSS 0.00
CVE-2022-34755 MEDIUM
Easergy Builder Installer < 1.7.23 - Uncontrolled Search Path Element
Apr 18, 2023
CVSS 6.3
EPSS 0.00
CVE-2022-4062 HIGH
EcoStruxure Power Commission <V2.25 - Improper Authorization
Feb 01, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-42973 HIGH
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5-GA-01-22320 - Local Privilege Escalation
Feb 01, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-42972 HIGH
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5-GA-01-22320 - Local Privilege Escalation
Feb 01, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-42971 CRITICAL
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5-GA-01-22320 - RCE via JSP Upload
Feb 01, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-42970 CRITICAL
Schneider Electric APC Easy UPS Online Monitoring Software < 2.5-GA-01-22320 - Unauthenticated Critical Function Access
Feb 01, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-2329 CRITICAL
IGSS Data Server <V15.0.0.22073 - Buffer Overflow
Feb 01, 2023
CVSS 9.8
EPSS 0.02
CVE-2022-24324 CRITICAL
IGSS Data Server <V15.0.0.22073 - Buffer Overflow
Feb 01, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-45789 HIGH
Schneider-electric Ecostruxure Control Expert - Authentication Bypass
Jan 31, 2023
CVSS 8.1
EPSS 0.01
CVE-2022-32748 HIGH
EcoStruxure Cybersecurity Admin Expert < 2.4 - Improper Certificate Validation
Jan 30, 2023
CVSS 7.9
EPSS 0.00
CVE-2022-32747 HIGH
EcoStruxure Cybersecurity Admin Expert < 2.4 - Authentication Bypass by Spoofing
Jan 30, 2023
CVSS 8.0
EPSS 0.00
CVE-2022-32529 CRITICAL
Interactive Graphical SCADA System < 15.0.0.22170 - Remote Code Execution via Crafted Log Data Request
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32528 HIGH
Schneider-electric Interactive Graphi... - Missing Authentication
Jan 30, 2023
CVSS 8.6
EPSS 0.00
CVE-2022-32527 CRITICAL
Interactive Graphical SCADA System < 15.0.0.22170 - Remote Code Execution via Crafted Alarm Cache Data Messages
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32526 CRITICAL
Interactive Graphical SCADA System < 15.0.0.22170 - Remote Code Execution via Crafted Setting Value Messages
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32525 CRITICAL
Schneider Electric IGSS < 15.0.0.22170 - Remote Code Execution via Alarm Data
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32524 CRITICAL
Interactive Graphical SCADA System < 15.0.0.22170 - Remote Code Execution via Crafted Time Reduced Data Messages
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32523 CRITICAL
Interactive Graphical SCADA System < 15.0.0.22170 - Remote Code Execution via Crafted Online Data Request
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32522 CRITICAL
Schneider-electric Interactive Graphi... - Buffer Overflow
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32521 HIGH
Schneider Electric Data Center Expert < 7.9.0 - Remote Code Execution via Unsafe Deserialization
Jan 30, 2023
CVSS 7.1
EPSS 0.01