VYPR

Vendor CVEs

Schneider Electric

All CVEs

722 total · sorted by risk
  • CVE-2017-6026CriJun 30, 2017
    risk 0.65cvss 9.1epss 0.32

    A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The session numbers generated by the web application are…

  • CVE-2017-5178CriMar 8, 2017
    risk 0.65cvss 9.8epss 0.14

    An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with…

  • CVE-2016-8352CriFeb 13, 2017
    risk 0.65cvss 10.0epss 0.04

    An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions. A stack-based buffer overflow can be triggered during the SNMP…

  • CVE-2021-22768CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.03

    A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-22767

  • CVE-2021-22767CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.03

    A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-2276

  • CVE-2021-22765CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.03

    A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet

  • CVE-2021-22763CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.02

    A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to…

  • CVE-2020-7489CriApr 22, 2020
    risk 0.64cvss 9.8epss 0.02

    A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this…

  • CVE-2018-7791CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.02

    A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to overwrite the original password with their password. If an…

  • CVE-2018-7790CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.02

    An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability…

  • CVE-2018-7785CriJul 3, 2018
    risk 0.64cvss 9.8epss 0.03

    In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authentication bypass.

  • CVE-2018-7784CriJul 3, 2018
    risk 0.64cvss 9.8epss 0.02

    In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in…

  • CVE-2018-7780CriJul 3, 2018
    risk 0.64cvss 9.8epss 0.01

    In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, a buffer overflow vulnerability exist in cgi program "set".

  • CVE-2018-7778CriJul 3, 2018
    risk 0.64cvss 9.8epss 0.02

    In Schneider Electric Evlink Charging Station versions prior to v3.2.0-12_v1, the Web Interface has an issue that may allow a remote attacker to gain administrative privileges without properly authenticating remote users.

  • CVE-2018-8840CriApr 18, 2018
    risk 0.64cvss 9.8epss 0.08

    A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.

  • CVE-2018-7761CriApr 18, 2018
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.

  • CVE-2018-7760CriApr 18, 2018
    risk 0.64cvss 9.8epss 0.01

    An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization.

  • CVE-2018-7246CriApr 18, 2018
    risk 0.64cvss 9.8epss 0.01

    A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. he integrated web server (Port 80/443/TCP) of the affected devices could allow remote attackers to…

  • CVE-2018-7243CriApr 18, 2018
    risk 0.64cvss 9.8epss 0.03

    An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to get a full access to device,…

  • CVE-2018-7242CriApr 18, 2018
    risk 0.64cvss 9.8epss 0.02

    Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.

  • CVE-2018-7241CriApr 18, 2018
    risk 0.64cvss 9.8epss 0.04

    Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.

  • CVE-2018-7238CriMar 9, 2018
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to execute arbitrary code.

  • CVE-2018-7233CriMar 9, 2018
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'model_name' or 'mac_address'.

  • CVE-2018-7232CriMar 9, 2018
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'network.ieee8021x.delete_certs'.

  • CVE-2018-7231CriMar 9, 2018
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'system.opkg.remove'.

  • CVE-2018-7229CriMar 9, 2018
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and gain administrator privileges because the use of hardcoded credentials.

  • CVE-2018-7228CriMar 9, 2018
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and get the administrator privileges.

  • CVE-2017-14024CriNov 13, 2017
    risk 0.64cvss 9.8epss 0.06

    A Stack-based Buffer Overflow issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions, and InTouch Machine Edition v8.0 SP2 Patch 1 and prior versions. The stack-based buffer overflow vulnerability has been identified, which may allow…

  • CVE-2017-13997CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.05

    A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. InduSoft Web Studio provides the capability for an HMI client to trigger script execution on the server…

  • CVE-2017-9957CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web service contains a hidden system account with a hardcoded password. An attacker can use this information to log into the system with high-privilege credentials.

  • CVE-2017-7974CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.05

    A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and exfiltrate files.

  • CVE-2017-7973CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.01

    A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of arbitrary SQL commands against the underlying database.

  • CVE-2017-9629CriJul 7, 2017
    risk 0.64cvss 9.8epss 0.10

    A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow a remote attacker to execute arbitrary code in the context…

  • CVE-2017-6034CriJun 30, 2017
    risk 0.64cvss 9.8epss 0.05

    An authentication bypass by capture-replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and…

  • CVE-2017-6028CriJun 30, 2017
    risk 0.64cvss 9.8epss 0.02

    An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them susceptible to sniffing.…

  • CVE-2017-5158CriApr 20, 2017
    risk 0.64cvss 9.8epss 0.02

    An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified.

  • CVE-2017-7689CriApr 11, 2017
    risk 0.64cvss 9.8epss 0.06

    A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.

  • CVE-2017-7575CriApr 6, 2017
    risk 0.64cvss 9.8epss 0.04

    Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded,…

  • CVE-2017-7574CriApr 6, 2017
    risk 0.64cvss 9.8epss 0.01

    Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a…

  • CVE-2016-5818CriFeb 13, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device.

  • CVE-2016-5815CriFeb 13, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. No authentication is configured by default. An unauthorized user can access the device management portal…

  • CVE-2016-4520CriJul 15, 2016
    risk 0.64cvss 9.8epss 0.06

    Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors.

  • CVE-2012-0931CriJan 28, 2012
    risk 0.64cvss 9.8epss 0.05

    Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.

  • CVE-2018-7777HigJul 3, 2018
    risk 0.63cvss 8.8epss 0.32

    The vulnerability is due to insufficient handling of update_file request parameter on update_module.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the…

  • CVE-2016-5809HigFeb 13, 2017
    risk 0.60cvss 8.8epss 0.02

    An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. There is no CSRF Token generated to authenticate the user during a session. Successful exploitation of…

  • CVE-2022-0715CriMar 9, 2022
    risk 0.59cvss 9.1epss 0.06

    A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series ID=18: UPS 09.8 and prior…

  • CVE-2021-22779CriJul 14, 2021
    risk 0.59cvss 9.1epss 0.01

    Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure…

  • CVE-2018-7245CriApr 18, 2018
    risk 0.59cvss 9.1epss 0.01

    An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to change UPS control and…

  • CVE-2018-7237CriMar 9, 2018
    risk 0.59cvss 9.1epss 0.02

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow a remote attacker to delete arbitrary system file due to lack of validation of the /login/bin/set_param to the file name with the value of…

  • CVE-2015-7921CriApr 6, 2016
    risk 0.59cvss 9.1epss 0.02

    The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these…

Page 1 of 15