schneider-electric

776 tracked vulnerabilities.

CVE-2022-34764 MEDIUM
Modicon Communication Module <1.10 & X80 Advanced RTU 1.0 - DoS via URL Parsing
Jul 13, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-34763 MEDIUM
Schneider Electric OPC UA Module for M580 <1.10 & X80 Advanced RTU >=2.01 - Data Authenticity Verification Bypass
Jul 13, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-34762 MEDIUM
Schneider Electric OPC UA Module for M580 <1.10 & X80 Advanced RTU >=2.01 Path Traversal
Jul 13, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-34761 HIGH
OPC UA Modicon <1.10 & X80 Advanced RTU >=2.01 DoS via JSON Parsing
Jul 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34760 HIGH
OPC UA Modicon <1.10 & X80 RTU 1.0 DoS via Cookie Handling
Jul 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34759 HIGH
OPC UA Modicon <1.10 & X80 RTU - DoS via HTTP Header Parsing
Jul 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34758 MEDIUM
Easergy P5 Firmware < 01.401.102 - Authenticated Watchdog Disablement via Improper Input Validation
Jul 13, 2022
CVSS 5.1
EPSS 0.00
CVE-2022-34757 MEDIUM
Easergy P5 Firmware < 01.401.102 - Use of a Broken or Risky Cryptographic Algorithm in SSH Connection
Jul 13, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-34756 HIGH
Easergy P5 Firmware < 01.401.102 - Remote Code Execution or Denial of Service via HTTPS Stack Buffer Overflow
Jul 13, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-34754 MEDIUM
Acti9 PowerTag Link C (A9XELC10-A) < 1.7.5 & (A9XELC10-B) < 2.12.0 - Unauthenticated Privilege Escalation
Jul 13, 2022
CVSS 6.8
EPSS 0.00
CVE-2022-34753 HIGH NUCLEI
SpaceLogic C-Bus Home Controller < 1.31.460 - OS Command Injection
Jul 13, 2022
CVSS 8.8
EPSS 0.71
CVE-2022-32530 MEDIUM
Geo SCADA Mobile < 222 - Exposure of Resource to Wrong Sphere via Malicious Application
Jun 24, 2022
CVSS 4.8
EPSS 0.00
CVE-2022-30238 HIGH
Wiser Smart EER21000 and EER21001 Firmware < 4.5 - Improper Authentication
Jun 02, 2022
CVSS 8.3
EPSS 0.01
CVE-2022-30237 HIGH
Wiser Smart EER21000 and EER21001 < 4.5 - Missing Encryption of Sensitive Data
Jun 02, 2022
CVSS 8.2
EPSS 0.00
CVE-2022-30236 HIGH
Wiser Smart < V4.5 - Cross-Site Request Forgery
Jun 02, 2022
CVSS 8.2
EPSS 0.01
CVE-2022-30235 HIGH
Wiser Smart EER21000 and EER21001 < 4.5 - Unauthenticated Brute Force Attack
Jun 02, 2022
CVSS 8.6
EPSS 0.01
CVE-2022-30234 CRITICAL
Wiser Smart EER21000 and EER21001 Firmware < 4.5 - Use of Hard-coded Credentials
Jun 02, 2022
CVSS 9.4
EPSS 0.01
CVE-2022-30233 MEDIUM
Schneider Electric Wiser Smart EER21000 and EER21001 Firmware < 4.5 - Improper Input Validation
Jun 02, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-30232 HIGH
PowerLogic ION Setup Firmware < 3.2.22096.01 - Remote Code Execution via Request Interception
Jun 02, 2022
CVSS 8.0
EPSS 0.01
CVE-2022-26507 CRITICAL
AT&T Labs Xmill 0.7 - Buffer Overflow
Apr 14, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-0221 MEDIUM
SCADAPack Workbench <6.6.8a - Info Disclosure
Apr 13, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-24323 MEDIUM
EcoStruxure Control Expert <15.0 & Process Expert <2021 - DoS via Modbus Response
Mar 09, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-24322 MEDIUM
EcoStruxure Control Expert < V15.0 SP1 - Buffer Overflow
Mar 09, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-22806 CRITICAL
Schneider Electric SmartConnect UPS Family - Unauthenticated Authentication Bypass via Malformed Connection
Mar 09, 2022
CVSS 9.8
EPSS 0.12
CVE-2022-22805 CRITICAL
Schneider Electric SmartConnect Family UPS Firmware - Remote Code Execution via TLS Packet Reassembly
Mar 09, 2022
CVSS 9.8
EPSS 0.12