VYPR

Easergy Builder

by Schneider Electric

CVEs (7)

  • CVE-2022-34755Apr 18, 2023
    risk 0.00cvss epss 0.00

    A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation…

  • CVE-2020-7519Jul 23, 2020
    risk 0.00cvss epss 0.01

    A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to compromise a user account.

  • CVE-2020-7518Jul 23, 2020
    risk 0.00cvss epss 0.01

    A CWE-20: Improper input validation vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to modify project configuration files.

  • CVE-2020-7517Jul 23, 2020
    risk 0.00cvss epss 0.00

    A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to read user credentials.

  • CVE-2020-7516Jul 23, 2020
    risk 0.00cvss epss 0.00

    A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker access to login credentials.

  • CVE-2020-7515Jul 23, 2020
    risk 0.00cvss epss 0.00

    A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password.

  • CVE-2020-7514Jul 23, 2020
    risk 0.00cvss epss 0.00

    A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker access to the authorization credentials for a device and gain full access.