Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric ecostruxure machine expert vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2988
A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC (Versions prior to V2.1.0), EcoStruxure Machine Expert – HVAC (Versions ...
Schneider-electric Somachine Hvac
Schneider-electric Ecostruxure Machine Expert - Hvac
7.5
CVSSv2
CVE-2020-7489
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this ...
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Somachine Basic
Schneider-electric Modicon M100 Firmware
Schneider-electric Modicon M200 Firmware
Schneider-electric Modicon M221 Firmware
5
CVSSv2
CVE-2020-7488
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Somachine
Schneider-electric Somachine Motion
Schneider-electric Modicon M218 Firmware
Schneider-electric Modicon M241 Firmware
Schneider-electric Modicon M251 Firmware
Schneider-electric Modicon M258 Firmware
7.5
CVSSv2
CVE-2020-7487
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the malicious user to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Somachine
Schneider-electric Somachine Motion
Schneider-electric Modicon M218 Firmware
Schneider-electric Modicon M241 Firmware
Schneider-electric Modicon M251 Firmware
Schneider-electric Modicon M258 Firmware
9.3
CVSSv2
CVE-2022-22727
A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated malicious user to view data, change settings, impact availability of the software, or potentially impact a user?s local machine when the user clicks a specially crafted link. Affected Pro...
Schneider-electric Ecostruxure Power Monitoring Expert
4.6
CVSSv2
CVE-2021-22705
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly with a driver installed by Vijeo Designer or EcoStruxure Machine Expert
Schneider-electric Vijeo Designer
Schneider-electric Ecostruxure Machine Expert
6.4
CVSSv2
CVE-2021-22704
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions prior...
Schneider-electric Vijeo Designer
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Ecostruxure Machine Expert 2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started