VYPR

Vendor CVEs

Schneider Electric

All CVEs

722 total · sorted by risk
  • CVE-2016-2292 · Med · Apr 6, 2016
    risk 0.42 · cvss 6.5 · epss 0.02

    Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2016-2291 · Med · Apr 6, 2016
    risk 0.42 · cvss 6.5 · epss 0.02

    Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allow remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2026-2399 · Med · Apr 14, 2026
    risk 0.40 · cvss 6.1 · epss 0.00

    CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause critical files to be overwritten with text data when a Web Admin user alters the POST /REST/upssleep request payload.

  • CVE-2020-28210 · Med · Nov 19, 2020
    risk 0.40 · cvss 6.1 · epss 0.01

    A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the user's browser.

  • CVE-2018-7786 · Med · Jul 3, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    In Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which could allow injection of malicious scripts.

  • CVE-2017-5157 · Med · Feb 13, 2017
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. The homeLYnk controller is susceptible to a cross-site scripting attack. User inputs can be manipulated to cause execution of JavaScript code.

  • CVE-2016-4513 · Med · Jun 26, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    Cross-site scripting (XSS) vulnerability in the Schneider Electric PowerLogic PM8ECC module before 2.651 for PowerMeter 800 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-0930 · Med · Jan 28, 2012
    risk 0.40 · cvss 6.1 · epss 0.02

    Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2025-9997 · Med · Sep 9, 2025
    risk 0.38 · cvss · epss 0.01

    CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session.

  • CVE-2025-9996 · Med · Sep 9, 2025
    risk 0.38 · cvss · epss 0.01

    CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause the execution of any shell command when executing a netstat command using BLMon Console in an SSH session.

  • CVE-2017-9968 · Med · Feb 12, 2018
    risk 0.38 · cvss 5.9 · epss 0.01

    A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack.

  • CVE-2017-9965 · Med · Jan 2, 2018
    risk 0.38 · cvss 5.8 · epss 0.05

    An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. Using a directory traversal attack, an unauthorized person can view web server files.

  • CVE-2014-0759 · Med · Feb 28, 2014
    risk 0.38 · cvss 5.9 · epss 0.00

    Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

  • CVE-2020-7567 · Med · Nov 19, 2020
    risk 0.37 · cvss 5.7 · epss 0.00

    A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221…

  • CVE-2020-28214 · Med · Dec 11, 2020
    risk 0.36 · cvss 5.5 · epss 0.01

    A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection…

  • CVE-2017-9959 · Med · Sep 26, 2017
    risk 0.36 · cvss 5.5 · epss 0.00

    A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system accepts reboot in session from unauthenticated users, supporting a denial of service condition.

  • CVE-2017-7972 · Med · Sep 26, 2017
    risk 0.36 · cvss 5.5 · epss 0.00

    A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the ability to escape out of remote PowerSCADA Anywhere applications and launch other…

  • CVE-2017-7967 · Med · May 9, 2017
    risk 0.36 · cvss 5.5 · epss 0.00

    All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This…

  • CVE-2018-7795 · Med · Aug 29, 2018
    risk 0.35 · cvss 5.4 · epss 0.02

    A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of…

  • CVE-2018-7787 · Med · Jul 3, 2018
    risk 0.35 · cvss 5.3 · epss 0.01

    In Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of input of context parameter in HTTP GET request.

  • CVE-2018-7244 · Med · Apr 18, 2018
    risk 0.35 · cvss 5.3 · epss 0.01

    An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to obtain sensitive device…

  • CVE-2018-7227 · Med · Mar 9, 2018
    risk 0.35 · cvss 5.3 · epss 0.01

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow retrieving of specially crafted URLs without authentication that can reveal sensitive information to an attacker.

  • CVE-2017-9960 · Med · Sep 26, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user.

  • CVE-2017-6032 · Med · Jun 30, 2017
    risk 0.35 · cvss 5.3 · epss 0.02

    A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-force attacks.

  • CVE-2016-8367 · Med · Feb 13, 2017
    risk 0.35 · cvss 5.3 · epss 0.04

    An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK…

  • CVE-2015-6485 · Med · Mar 12, 2016
    risk 0.35 · cvss 5.3 · epss 0.01

    Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by…

  • CVE-2026-2404 · Med · Apr 14, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    CWE-116 Improper Encoding or Escaping of Output vulnerability exists that could cause log injection and forged log when an attacker alters the POST /j_security check request payload.

  • CVE-2026-2402 · Med · Apr 14, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker to gain access to the user account by performing an arbitrary number of authentication attempts with different credentials on a sequence of requests to multiple…

  • CVE-2021-22764 · Med · Jun 11, 2021
    risk 0.34 · cvss 5.3 · epss 0.02

    A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version information) that could cause loss of connectivity to the device via Modbus TCP protocol when an…

  • CVE-2020-7549 · Med · Dec 11, 2020
    risk 0.34 · cvss 5.3 · epss 0.01

    A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause…

  • CVE-2017-5160 · Med · Apr 20, 2017
    risk 0.34 · cvss 5.3 · epss 0.01

    An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly.

  • CVE-2026-2401 · Med · Apr 14, 2026
    risk 0.33 · cvss 5.0 · epss 0.00

    CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker.

  • CVE-2021-22701 · Med · Feb 19, 2021
    risk 0.29 · cvss 4.5 · epss 0.00

    A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when…

  • CVE-2026-2403 · Med · Apr 14, 2026
    risk 0.28 · cvss 4.3 · epss 0.00

    CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload.

  • CVE-2026-2400 · Med · Apr 14, 2026
    risk 0.28 · cvss 4.3 · epss 0.00

    CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability exists that could cause application user credentials to reset when a Web Admin user alters the POST /setPCBEDesc request payload.

  • CVE-2020-7568 · Med · Nov 19, 2020
    risk 0.28 · cvss 4.3 · epss 0.01

    A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could allow non-sensitive information disclosure when the attacker has captured the traffic between EcoStruxure Machine - Basic software…

  • CVE-2018-7776 · Med · Jul 3, 2018
    risk 0.28 · cvss 4.3 · epss 0.01

    The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System information is returned to the attacker that contains sensitive data.

  • CVE-2018-7764 · Med · Jul 3, 2018
    risk 0.28 · cvss 4.3 · epss 0.01

    The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. There is a directory traversal vulnerability in the processing of the 's' parameter of the applet.

  • CVE-2018-7763 · Med · Jul 3, 2018
    risk 0.28 · cvss 4.3 · epss 0.01

    The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The 'css' parameter contains a directory traversal vulnerability.

  • CVE-2017-9637 · Med · May 18, 2018
    risk 0.27 · cvss 4.1 · epss 0.00

    Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string. Schneider Electric…

  • CVE-2017-9635 · Low · May 18, 2018
    risk 0.25 · cvss 3.9 · epss 0.00

    Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends…

  • CVE-2018-7841 · KEV · May 22, 2019
    risk 0.19 · cvss · epss 0.72

    A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an improper set of characters is entered.

  • CVE-2022-34753 · Jul 13, 2022
    risk 0.08 · cvss · epss 0.71

    A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote root exploit when the command is compromised. Affected Products: SpaceLogic C-Bus Home Controller (5200WHC2), formerly known as C-Bus…

  • CVE-2019-6814 · May 22, 2019
    risk 0.08 · cvss · epss 0.37

    A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI.

  • CVE-2021-22707 · Jul 21, 2021
    risk 0.07 · cvss · epss 0.65

    A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1) that…

  • CVE-2019-6543 · Feb 13, 2019
    risk 0.06 · cvss · epss 0.17

    AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privileges, which could lead to the compromise of the machine.

  • CVE-2019-15637 · Aug 26, 2019
    risk 0.05 · cvss · epss 0.14

    Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop.

  • CVE-2013-0662 · Apr 1, 2014
    risk 0.05 · cvss · epss 0.22

    Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.

  • CVE-2013-0658 · Feb 15, 2013
    risk 0.05 · cvss · epss 0.22

    Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request.

  • CVE-2013-0657 · Jan 21, 2013
    risk 0.05 · cvss · epss 0.21

    Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol.

Page 4 of 15