schneider-electric

765 tracked vulnerabilities.

CVE-2022-0223 MEDIUM
EcoStruxure Power Commission <V2.22 - Path Traversal
Jan 30, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-45788 HIGH
EcoStruxure Control Expert & Modicon Controllers - RCE & DoS via Malicious Project File
Jan 30, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-2988 MEDIUM
EcoStruxure Machine Expert - HVAC < 1.4.0 and SoMachine HVAC < 2.1.0 - Out-of-bounds Write
Jan 30, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-0222 HIGH
Modicon M340 - Privilege Escalation
Nov 22, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-37301 HIGH
Modicon M340 and M580 Firmware < 3.50/4.01 - Denial of Service via Modbus TCP Memory Access Violation
Nov 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41671 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - SQL Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41670 HIGH
SGIUtility <V3.3 Hotfix 1 - Path Traversal
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41669 HIGH
SGIUtility <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41668 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41667 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Path Traversal
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41666 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-37302 MEDIUM
EcoStruxure Control Expert < 15.1 HF001 - Denial of Service via Malformed Project File
Sep 13, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-37300 CRITICAL
EcoStruxure Control Expert < 15.1 - Weak Password Recovery Mechanism for Forgotten Password
Sep 12, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34765 MEDIUM
X80 advanced RTU Communication Module - Path Traversal
Jul 13, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-34764 MEDIUM
Modicon Communication Module <1.10 & X80 Advanced RTU 1.0 - DoS via URL Parsing
Jul 13, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-34763 MEDIUM
Schneider Electric OPC UA Module for M580 <1.10 & X80 Advanced RTU >=2.01 - Data Authenticity Verification Bypass
Jul 13, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-34762 MEDIUM
Schneider Electric OPC UA Module for M580 <1.10 & X80 Advanced RTU >=2.01 Path Traversal
Jul 13, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-34761 HIGH
OPC UA Modicon <1.10 & X80 Advanced RTU >=2.01 DoS via JSON Parsing
Jul 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34760 HIGH
OPC UA Modicon <1.10 & X80 RTU 1.0 DoS via Cookie Handling
Jul 13, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-34759 HIGH
OPC UA Modicon <1.10 & X80 RTU - DoS via HTTP Header Parsing
Jul 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34758 MEDIUM
Easergy P5 Firmware < 01.401.102 - Authenticated Watchdog Disablement via Improper Input Validation
Jul 13, 2022
CVSS 5.1
EPSS 0.00
CVE-2022-34757 MEDIUM
Easergy P5 Firmware < 01.401.102 - Use of a Broken or Risky Cryptographic Algorithm in SSH Connection
Jul 13, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-34756 HIGH
Easergy P5 Firmware < 01.401.102 - Remote Code Execution or Denial of Service via HTTPS Stack Buffer Overflow
Jul 13, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-34754 MEDIUM
Acti9 PowerTag Link C (A9XELC10-A) < 1.7.5 & (A9XELC10-B) < 2.12.0 - Unauthenticated Privilege Escalation
Jul 13, 2022
CVSS 6.8
EPSS 0.00
CVE-2022-34753 HIGH NUCLEI
SpaceLogic C-Bus Home Controller < 1.31.460 - OS Command Injection
Jul 13, 2022
CVSS 8.8
EPSS 0.94
Products
struxureware_data_center_expert 48 interactive_graphical_scada_system 43 modicon_m580_firmware 41 modicon_m340_firmware 39 modicon_m340_bmxp342020_firmware 32 modicon_m340_bmxp3420302_firmware 28 modicon_m340_bmxp341000_firmware 27 ecostruxure_control_expert 26 modicon_m340_bmxp342000_firmware 25 modicon_m340_bmxp3420102_firmware 25 modicon_quantum_firmware 25 easergy_t300_firmware 24 u.motion_builder 24 modicon_premium_firmware 23 140cpu65150_firmware 20 evlink_city_evc1s22p4_firmware 18 evlink_city_evc1s7p4_firmware 18 evlink_parking_evf2_firmware 18 evlink_parking_evw2_firmware 18 evlink_smart_wallbox_evb1a_firmware 18 modicon_m340_bmxp3420102cl_firmware 17 spacelynk_firmware 17 modicon_m221_firmware 16 modicon_m340_bmxp342020h_firmware 16 modicon_m340_bmxp3420302cl_firmware 16 modicon_m340_bmxp3420302h_firmware 16 ibp1110-1er_firmware 15 ibp219-1er_firmware 15 ibp319-1er_firmware 15 ibp519-1er_firmware 15
Quick Filters
Critical CVEs With Exploits In CISA KEV