VYPR

controller

by Schneider Electric

CVEs (3)

  • CVE-2024-11737CriDec 11, 2024
    risk 0.64cvss 9.8epss 0.01

    CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device.

  • CVE-2025-3116MedJun 10, 2025
    risk 0.42cvss 6.5epss 0.00

    CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing improper formatted body data to the controller.

  • CVE-2023-25620MedApr 19, 2023
    risk 0.42cvss 6.5epss 0.01

    A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when a malicious project file is loaded onto the controller by an authenticated user.