Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric unity pro vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2011-3330
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and previous versions, OPC Factory Server 3.34, Vijeo Citect 7.20 and previous versions, Telemecanique Driver Pack 2.6 and previous versions, Monitor Pro 7.6 and previous versions, a...
Schneider-electric Unity Pro
Schneider-electric Telemecanique Driver Pack
Schneider-electric Monitor Pro
Schneider-electric Pl7 Pro
Schneider-electric Opc Factory Server
Schneider-electric Vijeo Citect
7.5
CVSSv2
CVE-2014-9200
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and previous versions, CANopen Communication Library 1.0.2 and previous versions, EtherNet/IP Commun...
Schneider-electric Somove Lite -
Schneider-electric Somove -
Schneider-electric Unity Pro -
Schneider-electric Somachine -
5.1
CVSSv2
CVE-2016-8354
An issue exists in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted patched U...
Schneider-electric Unity Pro
6.8
CVSSv2
CVE-2020-7560
A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a mal...
Schneider-electric Ecostruxure Control Expert
Schneider-electric Unity Pro
7.5
CVSSv2
CVE-2020-7475
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions before 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prio...
Schneider-electric Ecostruxure Control Expert
Schneider-electric Unity Pro
Schneider-electric Modicon M340 Firmware
Schneider-electric Modicon M580 Firmware
9.3
CVSSv2
CVE-2013-0662
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 up to and including 3.2 allow remote malicious users to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
Schneider-electric Concept
Schneider-electric Modbus Serial Driver 1.10
Schneider-electric Modbus Serial Driver 2.2
Schneider-electric Modbus Serial Driver 3.2
Schneider-electric Modbuscommdtm Sl
Schneider-electric Opc Factory Server
Schneider-electric Opc Factory Server 3.34
Schneider-electric Opc Factory Server 3.35
Schneider-electric Pl7
Schneider-electric Powersuite
Schneider-electric Sft2841 13.1
Schneider-electric Sft2841
Schneider-electric Somachine 2.0
Schneider-electric Somachine 3.0
Schneider-electric Somachine
Schneider-electric Somove
Schneider-electric Twidosuite
Schneider-electric Unity Pro 6.0
Schneider-electric Unity Pro
Schneider-electric Unityloader
Schneider Electric Somachine 3.0
2 EDB exploits
7.5
CVSSv2
CVE-2019-6855
Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions before 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication p...
Schneider-electric Unity Pro
Schneider-electric Ecostruxure Control Expert
Schneider-electric Ecostruxure Control Expert 14.1
Schneider-electric Modicon M580 Bmep584040 Firmware
Schneider-electric Modicon M580 Bmeh584040 Firmware
Schneider-electric Modicon M580 Bmep586040 Firmware
Schneider-electric Modicon M580 Bmeh586040 Firmware
Schneider-electric Modicon M580 Bmep581020 Firmware
Schneider-electric Modicon M580 Bmep582020 Firmware
Schneider-electric Modicon M580 Bmep582040 Firmware
Schneider-electric Modicon M580 Bmep583020 Firmware
Schneider-electric Modicon M580 Bmep583040 Firmware
Schneider-electric Modicon M580 Bmep584020 Firmware
Schneider-electric Modicon M580 Bmep585040 Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmep584040s Firmware
Schneider-electric Modicon M580 Bmeh584040s Firmware
Schneider-electric Modicon M580 Bmeh586040s Firmware
Schneider-electric Modicon M580 Bmep582040s Firmware
Schneider-electric Modicon M340 Bmxp3420302 Firmware
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric Modicon M340 Bmxp342000 Firmware
NA
CVE-2022-37300
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (fo...
Schneider-electric Ecostruxure Process Expert
Schneider-electric Ecostruxure Control Expert
Schneider-electric Modicon M340 Bmxp341000 Firmware
Schneider-electric Modicon M340 Bmxp342000 Firmware
Schneider-electric Modicon M340 Bmxp342010 Firmware
Schneider-electric Modicon M340 Bmxp3420102 Firmware
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric Modicon M340 Bmxp342020h Firmware
Schneider-electric Modicon M340 Bmxp342030 Firmware
Schneider-electric Modicon M340 Bmxp3420302 Firmware
Schneider-electric Modicon M340 Bmxp3420302h Firmware
Schneider-electric Modicon M340 Bmxp342030h Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmeh582040c Firmware
Schneider-electric Modicon M580 Bmeh582040s Firmware
Schneider-electric Modicon M580 Bmeh584040 Firmware
Schneider-electric Modicon M580 Bmeh584040c Firmware
Schneider-electric Modicon M580 Bmeh584040s Firmware
Schneider-electric Modicon M580 Bmeh586040 Firmware
Schneider-electric Modicon M580 Bmeh586040c Firmware
Schneider-electric Modicon M580 Bmeh586040s Firmware
Schneider-electric Modicon M580 Bmep581020 Firmware
6.4
CVSSv2
CVE-2021-22779
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybri...
Schneider-electric Ecostruxure Control Expert
Schneider-electric Ecostruxure Control Expert 15.0
Schneider-electric Ecostruxure Process Expert
Schneider-electric Remoteconnect
Schneider-electric Modicon M580 Bmep581020 Firmware
Schneider-electric Modicon M580 Bmep581020h Firmware
Schneider-electric Modicon M580 Bmep582020 Firmware
Schneider-electric Modicon M580 Bmep582020h Firmware
Schneider-electric Modicon M580 Bmep582040 Firmware
Schneider-electric Modicon M580 Bmep582040h Firmware
Schneider-electric Modicon M580 Bmep582040s Firmware
Schneider-electric Modicon M580 Bmep583020 Firmware
Schneider-electric Modicon M580 Bmep583040 Firmware
Schneider-electric Modicon M580 Bmep584020 Firmware
Schneider-electric Modicon M580 Bmep584040 Firmware
Schneider-electric Modicon M580 Bmep584040s Firmware
Schneider-electric Modicon M580 Bmep585040 Firmware
Schneider-electric Modicon M580 Bmep585040c Firmware
Schneider-electric Modicon M580 Bmep586040 Firmware
Schneider-electric Modicon M580 Bmep586040c Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmeh582040c Firmware
1 Article
5
CVSSv2
CVE-2018-7850
A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software.
Schneider-electric Modicon M580 Firmware
Schneider-electric Modicon M340 Firmware
Schneider-electric Modicon Quantum Firmware
Schneider-electric Modicon Premium Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »