Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-32525
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServ...
Schneider-electric Interactive Graphical Scada System
NA
CVE-2022-32526
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products: IGSS Data Server - IGSSdataS...
Schneider-electric Interactive Graphical Scada System
NA
CVE-2022-32527
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSda...
Schneider-electric Interactive Graphical Scada System
NA
CVE-2022-32748
A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when using CAE to configure devices. Additionally, credentials could leak which would enable an attacker the ability to log into the configuration too...
Schneider-electric Ecostruxure Cybersecurity Admin Expert
NA
CVE-2022-22732
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resources (data) supplied by the server when an attacker sends a fetch request from third-party site or malicious site. Affected Products: EcoStruxure Power Comm...
Schneider-electric Ecostruxure Power Commission
NA
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxur...
Schneider-electric Ecostruxure Control Expert
Schneider-electric Ecostruxure Process Expert
Schneider-electric Modicon M340 Bmxp341000 Firmware -
Schneider-electric Modicon M340 Bmxp342000 Firmware -
Schneider-electric Modicon M340 Bmxp342010 Firmware -
Schneider-electric Modicon M340 Bmxp3420102 Firmware -
Schneider-electric Modicon M340 Bmxp342020 Firmware -
Schneider-electric Modicon M340 Bmxp342020h Firmware -
Schneider-electric Modicon M340 Bmxp342030 Firmware -
Schneider-electric Modicon M340 Bmxp3420302 Firmware -
Schneider-electric Modicon M340 Bmxp3420302h Firmware -
Schneider-electric Modicon M340 Bmxp342030h Firmware -
Schneider-electric Modicon M580 Bmeh582040 Firmware -
Schneider-electric Modicon M580 Bmeh582040c Firmware -
Schneider-electric Modicon M580 Bmeh582040s Firmware -
Schneider-electric Modicon M580 Bmeh584040 Firmware -
Schneider-electric Modicon M580 Bmeh584040c Firmware -
Schneider-electric Modicon M580 Bmeh584040s Firmware -
Schneider-electric Modicon M580 Bmeh586040 Firmware -
Schneider-electric Modicon M580 Bmeh586040c Firmware -
Schneider-electric Modicon M580 Bmeh586040s Firmware -
Schneider-electric Modicon M580 Bmep581020 Firmware -
NA
CVE-2022-2988
A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC (Versions prior to V2.1.0), EcoStruxure Machine Expert – HVAC (Versions ...
Schneider-electric Somachine Hvac
Schneider-electric Ecostruxure Machine Expert - Hvac
NA
CVE-2022-0222
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Et...
Schneider-electric Modicon M340 Bmxp341000 Firmware
Schneider-electric Modicon M340 Bmxp342000 Firmware
Schneider-electric Modicon M340 Bmxp342010 Firmware
Schneider-electric Modicon M340 Bmxp3420102 Firmware
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric Modicon M340 Bmxp342020h Firmware
Schneider-electric Modicon M340 Bmxp342030 Firmware
Schneider-electric Modicon M340 Bmxp3420302 Firmware
Schneider-electric Modicon M340 Bmxp3420302h Firmware
Schneider-electric Modicon M340 Bmxp342030h Firmware
Schneider-electric Modicon M340 Bmxnoe0100 Firmware -
Schneider-electric Modicon M340 Bmxnoe0110 Firmware -
Schneider-electric Modicon M340 Bmxnoe0110h Firmware -
Schneider-electric Modicon M340 Bmxnor0200h Firmware -
NA
CVE-2022-37301
A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M...
Schneider-electric Modicon M340 Bmx P34-2010 Firmware
Schneider-electric Modicon M340 Bmx P34-2030 Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmeh582040c Firmware
Schneider-electric Modicon M580 Bmeh582040s Firmware
Schneider-electric Modicon M580 Bmeh584040 Firmware
Schneider-electric Modicon M580 Bmeh584040c Firmware
Schneider-electric Modicon M580 Bmeh584040s Firmware
Schneider-electric Modicon M580 Bmeh586040 Firmware
Schneider-electric Modicon M580 Bmeh586040c Firmware
Schneider-electric Modicon M580 Bmeh586040s Firmware
Schneider-electric Modicon M580 Bmep581020 Firmware
Schneider-electric Modicon M580 Bmep581020h Firmware
Schneider-electric Modicon M580 Bmep582020 Firmware
Schneider-electric Modicon M580 Bmep582020h Firmware
Schneider-electric Modicon M580 Bmep582040 Firmware
Schneider-electric Modicon M580 Bmep582040h Firmware
Schneider-electric Modicon M580 Bmep582040s Firmware
Schneider-electric Modicon M580 Bmep583020 Firmware
Schneider-electric Modicon M580 Bmep583040 Firmware
Schneider-electric Modicon M580 Bmep584020 Firmware
Schneider-electric Modicon M580 Bmep584040 Firmware
NA
CVE-2022-41671
A CWE-89: Improper Neutralization of Special Elements used in SQL Command (‘SQL Injection’) vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution ...
Schneider-electric Ecostruxure Operator Terminal Expert 3.3
Schneider-electric Ecostruxure Operator Terminal Expert
Schneider-electric Pro-face Blue 3.3
Schneider-electric Pro-face Blue
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »