Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-17911
LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.
Lcds Laquis Scada
4.3
CVSSv2
CVE-2021-27436
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an malicious user to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a maliciou...
Advantech Webaccess\\/scada
6.8
CVSSv2
CVE-2021-32954
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an malicious user to remotely read arbitrary files on the file system.
Advantech Webaccess\\/scada
6.8
CVSSv2
CVE-2020-10622
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users
Lcds Laquis Scada
7.8
CVSSv2
CVE-2013-2824
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 up to and including 7.30SP1, CitectSCADA 7.20 up to and including 7.30SP1, StruxureWare PowerSCADA Expert 7.30 up to and including 7.30SR1, and PowerLogic SCADA 7.20 up to and including 7.20SR1 do n...
Schneider-electric Struxureware Scada Expert Vijeo Citect 7.20
Schneider-electric Struxureware Scada Expert Vijeo Citect 7.40
Schneider-electric Struxureware Scada Expert Vijeo Citect 7.30
Schneider-electric Citectscada 7.20
Schneider-electric Struxureware Powerscada Expert 7.30
Schneider-electric Powerlogic Scada 7.20
Schneider-electric Citectscada 7.30
5
CVSSv2
CVE-2022-24318
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted communication with the server when outdated versions of the ViewX client are used. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStrux...
Schneider-electric Clearscada
Schneider-electric Ecostruxure Geo Scada Expert 2019
Schneider-electric Ecostruxure Geo Scada Expert 2020
4.3
CVSSv2
CVE-2022-24319
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA web server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions...
Schneider-electric Clearscada -
Schneider-electric Ecostruxure Geo Scada Expert 2019
Schneider-electric Ecostruxure Geo Scada Expert 2020
4.3
CVSSv2
CVE-2022-24320
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA database server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Ver...
Schneider-electric Clearscada -
Schneider-electric Ecostruxure Geo Scada Expert 2019
Schneider-electric Ecostruxure Geo Scada Expert 2020
5
CVSSv2
CVE-2022-24321
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause Denial of Service against the Geo SCADA server when receiving a malformed HTTP request. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versio...
Schneider-electric Clearscada
Schneider-electric Ecostruxure Geo Scada Expert 2019
Schneider-electric Ecostruxure Geo Scada Expert 2020
4.6
CVSSv2
CVE-2021-22741
Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA (all versions), EcoStruxure Geo SCADA Expert 2019 (all versions), and EcoStruxure Geo SCADA Expert 2020 (V83.7742.1 and prior), which could cause the revealing of account credentials wh...
Schneider-electric Clearscada
Schneider-electric Ecostruxure Geo Scada Expert 2019
Schneider-electric Ecostruxure Geo Scada Expert 2020
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »