Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6032
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause a file system enumeration and file download when an attacker navigates to the Network Management Card via HTTPS.
Schneider-electric Galaxy Vl Firmware 12.21
Schneider-electric Galaxy Vs Firmware 6.82
NA
CVE-2023-5391
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an malicious user to execute arbitrary code on the targeted system by sending a specifically crafted packet to the application.
Schneider-electric Ecostruxure Power Scada Operation With Advanced Reports
Schneider-electric Ecostruxure Power Operation With Advanced Reports
Schneider-electric Ecostruxure Power Monitoring Expert
NA
CVE-2023-5399
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command.
Schneider-electric Spacelogic C-bus Toolkit
NA
CVE-2023-5402
A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network.
Schneider-electric C-bus Toolkit
NA
CVE-2023-4516
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local malicious user to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content.
Schneider-electric Interactive Graphical Scada System
NA
CVE-2023-3953
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX.
Schneider-electric Pro-face Gp-pro Ex
NA
CVE-2023-29414
A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer Overflow) vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call.
Schneider-electric Accutech Manager
NA
CVE-2023-37199
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote code execution when an admin user on DCE tampers with backups which are then manually restored.
Schneider-electric Struxureware Data Center Expert
NA
CVE-2023-37196
A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command ('SQL Injection') vulnerability exists that could allow a user already authenticated on DCE to access unauthorized content, change, or delete content, or perform unauthorized act...
Schneider-electric Struxureware Data Center Expert
NA
CVE-2023-37197
A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command ('SQL Injection') vulnerability exists that could allow a user already authenticated on DCE to access unauthorized content, change, or delete content, or perform unauthorized act...
Schneider-electric Struxureware Data Center Expert
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »