schneider-electric

776 tracked vulnerabilities.

CVE-2022-32520 HIGH
Data Center Expert < 7.9.0 - Insufficiently Protected Credentials
Jan 30, 2023
CVSS 8.0
EPSS 0.01
CVE-2022-32519 HIGH
Data Center Expert <7.9.0 - Info Disclosure
Jan 30, 2023
CVSS 8.0
EPSS 0.00
CVE-2022-32518 HIGH
Data Center Expert < 7.9.0 - Insufficiently Protected Credentials
Jan 30, 2023
CVSS 8.0
EPSS 0.01
CVE-2022-32517 MEDIUM
Conext ComBox Firmware - Clickjacking via Unrestricted UI Layer Rendering
Jan 30, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-32516 HIGH
Conext ComBox Firmware - Cross-Site Request Forgery via POST Request
Jan 30, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-32515 HIGH
Conext ComBox Firmware - Improper Restriction of Excessive Authentication Attempts
Jan 30, 2023
CVSS 8.6
EPSS 0.01
CVE-2022-32514 CRITICAL
Schneider-electric 5500ac2 Firmware < 1.11.0 - Authentication Bypass
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32513 CRITICAL
Schneider Electric C-Bus Automation Controllers < 1.11.0 - Weak Password Requirements
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32512 MEDIUM
CanBRASS < 7.5.1 - Remote Code Execution via Memory Buffer Overflow
Jan 30, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-22732 LOW
EcoStruxure Power Commission < 2.22 - Exposure of Resource to Wrong Sphere via Fetch Request
Jan 30, 2023
CVSS 3.9
EPSS 0.00
CVE-2022-22731 MEDIUM
EcoStruxure Power Commission < 2.22 - Path Traversal and Arbitrary File Write
Jan 30, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-0223 MEDIUM
EcoStruxure Power Commission <V2.22 - Path Traversal
Jan 30, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-45788 HIGH
EcoStruxure Control Expert & Modicon Controllers - RCE & DoS via Malicious Project File
Jan 30, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-2988 MEDIUM
EcoStruxure Machine Expert - HVAC < 1.4.0 and SoMachine HVAC < 2.1.0 - Out-of-bounds Write
Jan 30, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-0222 HIGH
Modicon M340 - Privilege Escalation
Nov 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-37301 HIGH
Modicon M340 and M580 Firmware < 3.50/4.01 - Denial of Service via Modbus TCP Memory Access Violation
Nov 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41671 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - SQL Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41670 HIGH
SGIUtility <V3.3 Hotfix 1 - Path Traversal
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41669 HIGH
SGIUtility <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41668 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41667 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Path Traversal
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41666 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-37302 MEDIUM
EcoStruxure Control Expert < 15.1 HF001 - Denial of Service via Malformed Project File
Sep 13, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-37300 CRITICAL
EcoStruxure Control Expert < 15.1 - Weak Password Recovery Mechanism for Forgotten Password
Sep 12, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34765 MEDIUM
X80 advanced RTU Communication Module - Path Traversal
Jul 13, 2022
CVSS 5.5
EPSS 0.01