Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2229
CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution when a malicious project file is loaded into the application by a valid user.
NA
CVE-2024-0865
This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The speci...
NA
CVE-2023-7032
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object.
Schneider-electric Easergy Studio
NA
CVE-2023-6407
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by a local and low-privileged attacker.
Schneider-electric Easy Ups Online Monitoring Software
NA
CVE-2023-5629
A CWE-601:URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability exists that could cause disclosure of information through phishing attempts over HTTP.
Schneider-electric Eb450 Firmware -
Schneider-electric Eb45e Firmware -
Schneider-electric Eh450 Firmware -
Schneider-electric Eh45e Firmware -
Schneider-electric Er450 Firmware -
Schneider-electric Er45e Firmware -
Schneider-electric Jr240 Firmware -
Schneider-electric Jr900 Firmware -
Schneider-electric Qr450 Firmware
Schneider-electric Qr150 Firmware
Schneider-electric Qb450 Firmware
Schneider-electric Qb150 Firmware
Schneider-electric Qp450 Firmware
Schneider-electric Qp150 Firmware
Schneider-electric Qh450 Firmware
Schneider-electric Qh150 Firmware
NA
CVE-2023-5630
A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a privileged user to install an untrusted firmware.
Schneider-electric Eb450 Firmware -
Schneider-electric Eb45e Firmware -
Schneider-electric Eh450 Firmware -
Schneider-electric Eh45e Firmware -
Schneider-electric Er450 Firmware -
Schneider-electric Er45e Firmware -
Schneider-electric Jr240 Firmware -
Schneider-electric Jr900 Firmware -
Schneider-electric Qr450 Firmware
Schneider-electric Qr150 Firmware
Schneider-electric Qb450 Firmware
Schneider-electric Qb150 Firmware
Schneider-electric Qp450 Firmware
Schneider-electric Qp150 Firmware
Schneider-electric Qh450 Firmware
Schneider-electric Qh150 Firmware
NA
CVE-2023-5984
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified firmware to be uploaded when an authorized admin user begins a firmware update procedure which could result in full control over the device.
Schneider-electric Ion8650 Firmware
Schneider-electric Ion8800 Firmware
NA
CVE-2023-5985
A CWE-79 Improper Neutralization of Input During Web Page Generation vulnerability exists that could cause compromise of a user’s browser when an attacker with admin privileges has modified system values.
Schneider-electric Ion8650 Firmware
Schneider-electric Ion8800 Firmware
NA
CVE-2023-5986
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect vulnerability leading to a cross site scripting attack. By providing a URL-encoded input attackers can cause the software’s web application to redirect to the chosen domain af...
Schneider-electric Ecostruxure Power Monitoring Expert 2020
Schneider-electric Ecostruxure Power Monitoring Expert 2021
NA
CVE-2023-5987
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability that could cause a vulnerability leading to a cross site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a pag...
Schneider-electric Ecostruxure Power Monitoring Expert 2020
Schneider-electric Ecostruxure Power Monitoring Expert 2021
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »