schneider-electric
776 tracked vulnerabilities.
CVE-2022-32520
HIGH
Data Center Expert < 7.9.0 - Insufficiently Protected Credentials
Jan 30, 2023
CVSS 8.0
EPSS 0.01
CVE-2022-32519
HIGH
Data Center Expert <7.9.0 - Info Disclosure
Jan 30, 2023
CVSS 8.0
EPSS 0.00
CVE-2022-32518
HIGH
Data Center Expert < 7.9.0 - Insufficiently Protected Credentials
Jan 30, 2023
CVSS 8.0
EPSS 0.01
CVE-2022-32517
MEDIUM
Conext ComBox Firmware - Clickjacking via Unrestricted UI Layer Rendering
Jan 30, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-32516
HIGH
Conext ComBox Firmware - Cross-Site Request Forgery via POST Request
Jan 30, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-32515
HIGH
Conext ComBox Firmware - Improper Restriction of Excessive Authentication Attempts
Jan 30, 2023
CVSS 8.6
EPSS 0.01
CVE-2022-32514
CRITICAL
Schneider-electric 5500ac2 Firmware < 1.11.0 - Authentication Bypass
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32513
CRITICAL
Schneider Electric C-Bus Automation Controllers < 1.11.0 - Weak Password Requirements
Jan 30, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32512
MEDIUM
CanBRASS < 7.5.1 - Remote Code Execution via Memory Buffer Overflow
Jan 30, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-22732
LOW
EcoStruxure Power Commission < 2.22 - Exposure of Resource to Wrong Sphere via Fetch Request
Jan 30, 2023
CVSS 3.9
EPSS 0.00
CVE-2022-22731
MEDIUM
EcoStruxure Power Commission < 2.22 - Path Traversal and Arbitrary File Write
Jan 30, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-0223
MEDIUM
EcoStruxure Power Commission <V2.22 - Path Traversal
Jan 30, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-45788
HIGH
EcoStruxure Control Expert & Modicon Controllers - RCE & DoS via Malicious Project File
Jan 30, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-2988
MEDIUM
EcoStruxure Machine Expert - HVAC < 1.4.0 and SoMachine HVAC < 2.1.0 - Out-of-bounds Write
Jan 30, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-0222
HIGH
Modicon M340 - Privilege Escalation
Nov 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-37301
HIGH
Modicon M340 and M580 Firmware < 3.50/4.01 - Denial of Service via Modbus TCP Memory Access Violation
Nov 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41671
HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - SQL Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41670
HIGH
SGIUtility <V3.3 Hotfix 1 - Path Traversal
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41669
HIGH
SGIUtility <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41668
HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41667
HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Path Traversal
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41666
HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Code Injection
Nov 04, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-37302
MEDIUM
EcoStruxure Control Expert < 15.1 HF001 - Denial of Service via Malformed Project File
Sep 13, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-37300
CRITICAL
EcoStruxure Control Expert < 15.1 - Weak Password Recovery Mechanism for Forgotten Password
Sep 12, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34765
MEDIUM
X80 advanced RTU Communication Module - Path Traversal
Jul 13, 2022
CVSS 5.5
EPSS 0.01
Products
struxureware_data_center_expert 49
interactive_graphical_scada_system 43
modicon_m580_firmware 41
modicon_m340_firmware 39
modicon_m340_bmxp342020_firmware 32
modicon_m340_bmxp3420302_firmware 28
modicon_m340_bmxp341000_firmware 27
ecostruxure_control_expert 26
modicon_m340_bmxp342000_firmware 25
modicon_m340_bmxp3420102_firmware 25
modicon_quantum_firmware 25
easergy_t300_firmware 24
u.motion_builder 24
modicon_premium_firmware 23
140cpu65150_firmware 20
evlink_city_evc1s22p4_firmware 18
evlink_city_evc1s7p4_firmware 18
evlink_parking_evf2_firmware 18
evlink_parking_evw2_firmware 18
evlink_smart_wallbox_evb1a_firmware 18
modicon_m340_bmxp3420102cl_firmware 17
spacelynk_firmware 17
modicon_m221_firmware 16
modicon_m340_bmxp342020h_firmware 16
modicon_m340_bmxp3420302cl_firmware 16
modicon_m340_bmxp3420302h_firmware 16
ibp1110-1er_firmware 15
ibp219-1er_firmware 15
ibp319-1er_firmware 15
ibp519-1er_firmware 15
Quick Filters