Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
somachine vulnerabilities and exploits
(subscribe to this query)
5.2
CVSSv2
CVE-2020-28220
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file ...
Schneider-electric Modicon M258 Firmware
Schneider-electric Somachine
Schneider-electric Somachine Motion
5
CVSSv2
CVE-2018-7783
Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band (OOB) attack. The vulnerability is ...
Schneider-electric Somachine Basic
6.8
CVSSv2
CVE-2017-7966
A DLL Hijacking vulnerability in the programming software in Schneider Electric's SoMachine HVAC v2.1.0 allows a remote malicious user to execute arbitrary code on the targeted system. The vulnerability exists due to the improper loading of a DLL.
Schneider-electric Somachine 2.1.0
6.8
CVSSv2
CVE-2019-6826
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and previous versions versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.
Schneider-electric Somachine Hvac
4.6
CVSSv2
CVE-2017-7965
A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller.
Schneider-electric Somachine Hvac 2.1.0
5
CVSSv2
CVE-2018-7823
A Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause remote launch of SoMachine Basic when sending crafted ethernet message.
Schneider-electric Somachine Basic
Schneider-electric Modicon M221 Firmware
5
CVSSv2
CVE-2018-7821
An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated.
Schneider-electric Somachine Basic
Schneider-electric Modicon M221 Firmware
2.1
CVSSv2
CVE-2018-7822
An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting S...
Schneider-electric Somachine Basic
Schneider-electric Modicon M221 Firmware
7.5
CVSSv2
CVE-2020-7487
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the malicious user to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Somachine
Schneider-electric Somachine Motion
Schneider-electric Modicon M218 Firmware
Schneider-electric Modicon M241 Firmware
Schneider-electric Modicon M251 Firmware
Schneider-electric Modicon M258 Firmware
5
CVSSv2
CVE-2020-7488
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Somachine
Schneider-electric Somachine Motion
Schneider-electric Modicon M218 Firmware
Schneider-electric Modicon M241 Firmware
Schneider-electric Modicon M251 Firmware
Schneider-electric Modicon M258 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »