Schneider Electric

All CVEs

722 total · sorted by risk
  • CVE-2019-6856 · High · Jan 6, 2020
    risk 0.49 · cvss 7.5 · epss 0.02

    A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory…

  • CVE-2018-7794 · High · Jan 6, 2020
    risk 0.49 · cvss 7.5 · epss 0.01

    A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using…

  • CVE-2019-6829 · High · Sep 17, 2019
    risk 0.49 · cvss 7.5 · epss 0.02

    A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90) and Modicon M340 (firmware version prior to V3.10), which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus.

  • CVE-2019-6819 · High · May 22, 2019
    risk 0.49 · cvss 7.5 · epss 0.01

    A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware…

  • CVE-2018-7821 · High · May 22, 2019
    risk 0.49 · cvss 7.5 · epss 0.01

    An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221 (all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 Ethernet interface while the Ethernet/IP adapter is activated.

  • CVE-2019-10953 · High · Apr 17, 2019
    risk 0.49 · cvss 7.5 · epss 0.04

    ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.

  • CVE-2018-7792 · High · Aug 29, 2018
    risk 0.49 · cvss 7.5 · epss 0.01

    A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using a rainbow table.

  • CVE-2018-7789 · High · Aug 29, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted…

  • CVE-2018-7783 · High · Jul 3, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band (OOB) attack. The vulnerability is…

  • CVE-2018-7779 · High · Jul 3, 2018
    risk 0.49 · cvss 7.5 · epss 0.01

    In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access.

  • CVE-2017-6021 · High · May 14, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, 2014 R1.1 (build 75.5387) and prior, 2015 R1 (build 76.5648) and prior, and 2015 R2 (build 77.5882) and prior, an attacker with network access to the ClearSCADA server can send specially crafted sequences of…

  • CVE-2018-7762 · High · Apr 18, 2018
    risk 0.49 · cvss 7.5 · epss 0.01

    A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could result in a buffer overflow.

  • CVE-2018-7759 · High · Apr 18, 2018
    risk 0.49 · cvss 7.5 · epss 0.01

    A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be…

  • CVE-2018-7235 · High · Mar 9, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of the shell meta characters with the value of 'system.download.sd_file'

  • CVE-2018-7234 · High · Mar 9, 2018
    risk 0.49 · cvss 7.5 · epss 0.01

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of SSL certificate.

  • CVE-2017-9962 · High · Sep 26, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    Schneider Electric's ClearSCADA versions released prior to August 2017 are susceptible to a memory allocation vulnerability, whereby malformed requests can be sent to ClearSCADA client applications to cause unexpected behavior. Client applications affected include ViewX and the…

  • CVE-2017-9631 · High · Jul 7, 2017
    risk 0.49 · cvss 7.5 · epss 0.03

    A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attacker to crash the logger process, causing a denial of service for logging and…

  • CVE-2017-6017 · High · Jun 30, 2017
    risk 0.49 · cvss 7.5 · epss 0.05

    A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A…

  • CVE-2016-8374 · High · Feb 13, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK…

  • CVE-2012-0929 · High · Jan 28, 2012
    risk 0.49 · cvss 7.5 · epss 0.05

    Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the (1) FTP server or (2) HTTP server.

  • CVE-2017-9956 · High · Sep 26, 2017
    risk 0.48 · cvss 7.3 · epss 0.01

    An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system contains a hard-coded valid session. An attacker can use that session ID as part of the HTTP cookie of a web request, resulting in…

  • CVE-2017-5155 · High · Feb 13, 2017
    risk 0.48 · cvss 7.3 · epss 0.02

    An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond…

  • CVE-2016-4529 · High · Jul 15, 2016
    risk 0.48 · cvss 7.3 · epss 0.05

    An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag.

  • CVE-2024-8531 · High · Oct 11, 2024
    risk 0.47 · cvss 7.2 · epss 0.00

    CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash scripts that are executed as root.

  • CVE-2020-7566 · High · Nov 19, 2020
    risk 0.47 · cvss 7.3 · epss 0.00

    A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221…

  • CVE-2020-7565 · High · Nov 19, 2020
    risk 0.47 · cvss 7.3 · epss 0.00

    A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221…

  • CVE-2017-9970 · High · Feb 12, 2018
    risk 0.47 · cvss 7.2 · epss 0.05

    A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to…

  • CVE-2017-7965 · High · Jun 7, 2017
    risk 0.47 · cvss 7.3 · epss 0.00

    A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller.

  • CVE-2026-8045 · High · Jun 9, 2026
    risk 0.46 · cvss · epss 0.00

    CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints.

  • CVE-2026-1226 · High · Feb 11, 2026
    risk 0.46 · cvss · epss 0.00

    CWE-94: Improper Control of Generation of Code vulnerability exists that could cause execution of untrusted or unintended code within the application when maliciously crafted design content is processed through a TGML graphics file.

  • CVE-2020-28209 · High · Nov 19, 2020
    risk 0.46 · cvss 7.0 · epss 0.00

    A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStruxure Building Operation Enterprise Server installer V1.9 - V3.1 and Enterprise Central installer V2.0 - V3.1 that could cause any local Windows user who has write permission on at least one of the subfolders…

  • CVE-2017-9966 · High · Jan 2, 2018
    risk 0.46 · cvss 7.1 · epss 0.02

    A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. By replacing certain files, an unauthorized user can obtain system privileges and the inserted code would execute at an elevated privilege level.

  • CVE-2016-8354 · High · Feb 13, 2017
    risk 0.46 · cvss 7.0 · epss 0.01

    An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted…

  • CVE-2017-9964 · Medium · Jan 2, 2018
    risk 0.45 · cvss 6.9 · epss 0.02

    A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. By sniffing communications, an unauthorized person can execute a directory traversal attack resulting in authentication bypass or session hijack.

  • CVE-2025-0813 · Medium · Mar 12, 2025
    risk 0.44 · cvss 6.8 · epss 0.00

    CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an unauthorized user without permission rights has physical access to the EPAS-UI computer and is able to reboot the workstation and interrupt the normal boot process.

  • CVE-2020-28220 · Medium · Dec 11, 2020
    risk 0.44 · cvss 6.8 · epss 0.01

    A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file…

  • CVE-2018-3639 · Medium · May 22, 2018
    risk 0.44 · cvss 5.5 · epss 0.61

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,…

  • CVE-2018-7522 · Medium · May 4, 2018
    risk 0.44 · cvss 6.7 · epss 0.00

    In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.

  • CVE-2017-9969 · Medium · Feb 12, 2018
    risk 0.44 · cvss 6.7 · epss 0.00

    An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.

  • CVE-2017-8371 · Medium · Apr 30, 2017
    risk 0.44 · cvss 6.8 · epss 0.01

    Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses cleartext RAM storage for passwords, which might allow remote attackers to obtain sensitive information via unspecified vectors.

  • CVE-2017-7907 · Medium · May 19, 2017
    risk 0.43 · cvss 6.6 · epss 0.00

    An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser (with improper restriction of XML external entity reference, or XXE) may allow an attacker to enter malicious…

  • CVE-2026-2405 · Medium · Apr 14, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creation and denial of service when a Web Admin user floods the system with POST /helpabout requests.

  • CVE-2021-22791 · Medium · Sep 2, 2021
    risk 0.42 · cvss 6.5 · epss 0.01

    A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions),…

  • CVE-2021-22790 · Medium · Sep 2, 2021
    risk 0.42 · cvss 6.5 · epss 0.01

    A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions),…

  • CVE-2021-22789 · Medium · Sep 2, 2021
    risk 0.42 · cvss 6.5 · epss 0.01

    A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580…

  • CVE-2018-7770 · Medium · Jul 3, 2018
    risk 0.42 · cvss 6.5 · epss 0.01

    The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address.

  • CVE-2018-7758 · Medium · Apr 18, 2018
    risk 0.42 · cvss 6.5 · epss 0.01

    A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, MiCOM P540D Range with Legacy Ethernet Board, and MiCOM Px4x Rejuvenated could lose network communication in case of TCP/IP open requests on port 20000…

  • CVE-2017-7971 · Medium · Sep 26, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate.

  • CVE-2017-7970 · Medium · Sep 26, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the ability to specify Arbitrary Server Target Nodes in connection requests to the Secure…

  • CVE-2017-6030 · Medium · Jun 30, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version…
