Vendor CVEs
Schneider Electric
All CVEs
722 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-6545 | 0.04 | — | 0.14 | Feb 13, 2019 | AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary… | |||
| CVE-2013-3075 | 0.04 | — | 0.11 | Apr 19, 2013 | Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code via a long string, as demonstrated by a long WzTitle property value to a certain… | |||
| CVE-2011-4034 | 0.04 | — | 0.14 | Dec 2, 2011 | Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via… | |||
| CVE-2013-0663 | 0.03 | — | 0.06 | Apr 4, 2013 | Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the… | |||
| CVE-2012-1990 | 0.03 | — | 0.02 | May 22, 2012 | Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvariablename parameter in an evts.xml action to kw.dll, (2) unspecified search… | |||
| CVE-2023-5399 | 0.02 | — | 0.39 | Oct 4, 2023 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command. | |||
| CVE-2023-29411 | 0.01 | — | 0.01 | Apr 18, 2023 | A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface. | |||
| CVE-2022-22805 | 0.01 | — | 0.12 | Mar 9, 2022 | A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and… | |||
| CVE-2022-24313 | 0.01 | — | 0.45 | Feb 9, 2022 | A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data… | |||
| CVE-2021-22720 | 0.01 | — | 0.31 | Apr 13, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project. | |||
| CVE-2021-22719 | 0.01 | — | 0.41 | Apr 13, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded. | |||
| CVE-2021-22718 | 0.01 | — | 0.27 | Apr 13, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files. | |||
| CVE-2021-22717 | 0.01 | — | 0.39 | Apr 13, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files. | |||
| CVE-2019-6824 | 0.01 | — | 0.04 | Jul 15, 2019 | A CWE-119: Buffer Errors vulnerability exists in ProClima (all versions prior to version 8.0.0) which allows an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0. | |||
| CVE-2019-6823 | 0.01 | — | 0.05 | Jul 15, 2019 | A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0. | |||
| CVE-2018-7844 | 0.01 | — | 0.03 | May 22, 2019 | A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus. | |||
| CVE-2018-7842 | 0.01 | — | 0.35 | May 22, 2019 | A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller. | |||
| CVE-2018-7848 | 0.01 | — | 0.03 | May 22, 2019 | A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading files from the controller over Modbus | |||
| CVE-2018-7843 | 0.01 | — | 0.03 | May 22, 2019 | A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller… | |||
| CVE-2018-7849 | 0.01 | — | 0.03 | May 22, 2019 | A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus. | |||
| CVE-2015-7937 | 0.01 | — | 0.07 | Dec 21, 2015 | Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data. | |||
| CVE-2014-0754 | 0.01 | — | 0.09 | Oct 3, 2014 | Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec… | |||
| CVE-2025-13902 | 0.00 | — | 0.00 | Mar 10, 2026 | CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause condition where authenticated attackers can have a victim’s browser run arbitrary JavaScript when the victim hovers over a maliciously crafted… | |||
| CVE-2025-13901 | 0.00 | — | 0.00 | Mar 10, 2026 | CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels. | |||
| CVE-2025-11739 | 0.00 | — | 0.00 | Mar 10, 2026 | CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code execution with administrative privileges when a locally authenticated attacker sends a crafted data stream, triggering unsafe deserialization. | |||
| CVE-2025-13957 | 0.00 | — | 0.01 | Mar 10, 2026 | CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default. | |||
| CVE-2025-13844 | 0.00 | — | 0.00 | Jan 15, 2026 | CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody. | |||
| CVE-2025-26496 | 0.00 | — | 0.00 | Aug 22, 2025 | Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12,… | |||
| CVE-2024-10575 | 0.00 | — | 0.01 | Nov 13, 2024 | CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices. | |||
| CVE-2024-9409 | 0.00 | — | 0.01 | Nov 13, 2024 | CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become unresponsive resulting in communication loss when a large amount of IGMP packets is present in the network. | |||
| CVE-2024-8422 | 0.00 | — | 0.00 | Oct 8, 2024 | CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file. | |||
| CVE-2024-8306 | 0.00 | — | 0.00 | Sep 11, 2024 | CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries. | |||
| CVE-2024-6528 | 0.00 | — | 0.00 | Jul 11, 2024 | CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a vulnerability leading to a cross-site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a… | |||
| CVE-2024-5681 | 0.00 | — | 0.00 | Jul 11, 2024 | CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | |||
| CVE-2024-5680 | 0.00 | — | 0.00 | Jul 11, 2024 | CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | |||
| CVE-2024-5679 | 0.00 | — | 0.00 | Jul 11, 2024 | CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | |||
| CVE-2024-0865 | 0.00 | — | 0.00 | Jun 12, 2024 | CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user. | |||
| CVE-2024-5559 | 0.00 | — | 0.00 | Jun 12, 2024 | CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device. | |||
| CVE-2024-37040 | 0.00 | — | 0.00 | Jun 12, 2024 | CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request. | |||
| CVE-2024-37039 | 0.00 | — | 0.01 | Jun 12, 2024 | CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request. | |||
| CVE-2024-37038 | 0.00 | — | 0.00 | Jun 12, 2024 | CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests. | |||
| CVE-2024-37037 | 0.00 | — | 0.01 | Jun 12, 2024 | CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s web interface to corrupt files and impact device functionality when sending a crafted HTTP request. | |||
| CVE-2024-37036 | 0.00 | — | 0.01 | Jun 12, 2024 | CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass when sending a malformed POST request and particular configuration parameters are set. | |||
| CVE-2024-5560 | 0.00 | — | 0.01 | Jun 12, 2024 | CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request. | |||
| CVE-2024-5557 | 0.00 | — | 0.00 | Jun 12, 2024 | CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause exposure of SNMP credentials when an attacker has access to the controller logs. | |||
| CVE-2024-5558 | 0.00 | — | 0.00 | Jun 12, 2024 | CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists that could cause escalation of privileges when an attacker abuses a limited admin account. | |||
| CVE-2024-5056 | 0.00 | — | 0.00 | Jun 12, 2024 | CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the filesystem. | |||
| CVE-2024-28020 | 0.00 | — | 0.00 | Jun 11, 2024 | A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services. | |||
| CVE-2024-28021 | 0.00 | — | 0.00 | Jun 11, 2024 | A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. If exploited an attacker could spoof a trusted entity causing a loss of confidentiality and integrity. | |||
| CVE-2024-2012 | 0.00 | — | 0.01 | Jun 11, 2024 | vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended commands or code to be executed on the UNEM server allowing sensitive data to be read or modified or could cause other unintended behavior |
- CVE-2019-6545Feb 13, 2019risk 0.04cvss —epss 0.14
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary…
- CVE-2013-3075Apr 19, 2013risk 0.04cvss —epss 0.11
Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code via a long string, as demonstrated by a long WzTitle property value to a certain…
- CVE-2011-4034Dec 2, 2011risk 0.04cvss —epss 0.14
Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via…
- CVE-2013-0663Apr 4, 2013risk 0.03cvss —epss 0.06
Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the…
- CVE-2012-1990May 22, 2012risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvariablename parameter in an evts.xml action to kw.dll, (2) unspecified search…
- CVE-2023-5399Oct 4, 2023risk 0.02cvss —epss 0.39
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command.
- CVE-2023-29411Apr 18, 2023risk 0.01cvss —epss 0.01
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface.
- CVE-2022-22805Mar 9, 2022risk 0.01cvss —epss 0.12
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and…
- CVE-2022-24313Feb 9, 2022risk 0.01cvss —epss 0.45
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data…
- CVE-2021-22720Apr 13, 2021risk 0.01cvss —epss 0.31
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project.
- CVE-2021-22719Apr 13, 2021risk 0.01cvss —epss 0.41
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded.
- CVE-2021-22718Apr 13, 2021risk 0.01cvss —epss 0.27
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files.
- CVE-2021-22717Apr 13, 2021risk 0.01cvss —epss 0.39
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files.
- CVE-2019-6824Jul 15, 2019risk 0.01cvss —epss 0.04
A CWE-119: Buffer Errors vulnerability exists in ProClima (all versions prior to version 8.0.0) which allows an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0.
- CVE-2019-6823Jul 15, 2019risk 0.01cvss —epss 0.05
A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0.
- CVE-2018-7844May 22, 2019risk 0.01cvss —epss 0.03
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus.
- CVE-2018-7842May 22, 2019risk 0.01cvss —epss 0.35
A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller.
- CVE-2018-7848May 22, 2019risk 0.01cvss —epss 0.03
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading files from the controller over Modbus
- CVE-2018-7843May 22, 2019risk 0.01cvss —epss 0.03
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller…
- CVE-2018-7849May 22, 2019risk 0.01cvss —epss 0.03
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus.
- CVE-2015-7937Dec 21, 2015risk 0.01cvss —epss 0.07
Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.
- CVE-2014-0754Oct 3, 2014risk 0.01cvss —epss 0.09
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec…
- CVE-2025-13902Mar 10, 2026risk 0.00cvss —epss 0.00
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause condition where authenticated attackers can have a victim’s browser run arbitrary JavaScript when the victim hovers over a maliciously crafted…
- CVE-2025-13901Mar 10, 2026risk 0.00cvss —epss 0.00
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels.
- CVE-2025-11739Mar 10, 2026risk 0.00cvss —epss 0.00
CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code execution with administrative privileges when a locally authenticated attacker sends a crafted data stream, triggering unsafe deserialization.
- CVE-2025-13957Mar 10, 2026risk 0.00cvss —epss 0.01
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default.
- CVE-2025-13844Jan 15, 2026risk 0.00cvss —epss 0.00
CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody.
- CVE-2025-26496Aug 22, 2025risk 0.00cvss —epss 0.00
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12,…
- CVE-2024-10575Nov 13, 2024risk 0.00cvss —epss 0.01
CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices.
- CVE-2024-9409Nov 13, 2024risk 0.00cvss —epss 0.01
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become unresponsive resulting in communication loss when a large amount of IGMP packets is present in the network.
- CVE-2024-8422Oct 8, 2024risk 0.00cvss —epss 0.00
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file.
- CVE-2024-8306Sep 11, 2024risk 0.00cvss —epss 0.00
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries.
- CVE-2024-6528Jul 11, 2024risk 0.00cvss —epss 0.00
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a vulnerability leading to a cross-site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a…
- CVE-2024-5681Jul 11, 2024risk 0.00cvss —epss 0.00
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
- CVE-2024-5680Jul 11, 2024risk 0.00cvss —epss 0.00
CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
- CVE-2024-5679Jul 11, 2024risk 0.00cvss —epss 0.00
CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
- CVE-2024-0865Jun 12, 2024risk 0.00cvss —epss 0.00
CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user.
- CVE-2024-5559Jun 12, 2024risk 0.00cvss —epss 0.00
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device.
- CVE-2024-37040Jun 12, 2024risk 0.00cvss —epss 0.00
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request.
- CVE-2024-37039Jun 12, 2024risk 0.00cvss —epss 0.01
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request.
- CVE-2024-37038Jun 12, 2024risk 0.00cvss —epss 0.00
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests.
- CVE-2024-37037Jun 12, 2024risk 0.00cvss —epss 0.01
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s web interface to corrupt files and impact device functionality when sending a crafted HTTP request.
- CVE-2024-37036Jun 12, 2024risk 0.00cvss —epss 0.01
CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass when sending a malformed POST request and particular configuration parameters are set.
- CVE-2024-5560Jun 12, 2024risk 0.00cvss —epss 0.01
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request.
- CVE-2024-5557Jun 12, 2024risk 0.00cvss —epss 0.00
CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause exposure of SNMP credentials when an attacker has access to the controller logs.
- CVE-2024-5558Jun 12, 2024risk 0.00cvss —epss 0.00
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists that could cause escalation of privileges when an attacker abuses a limited admin account.
- CVE-2024-5056Jun 12, 2024risk 0.00cvss —epss 0.00
CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the filesystem.
- CVE-2024-28020Jun 11, 2024risk 0.00cvss —epss 0.00
A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services.
- CVE-2024-28021Jun 11, 2024risk 0.00cvss —epss 0.00
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. If exploited an attacker could spoof a trusted entity causing a loss of confidentiality and integrity.
- CVE-2024-2012Jun 11, 2024risk 0.00cvss —epss 0.01
vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended commands or code to be executed on the UNEM server allowing sensitive data to be read or modified or could cause other unintended behavior
Page 5 of 15