Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric ecostruxure control expert vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1049
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause execution of malicious code when an unsuspicious user loads a project file from the local filesystem into the HMI.
Schneider-electric Ecostruxure Operator Terminal Expert 3.3
Schneider-electric Ecostruxure Operator Terminal Expert
Schneider-electric Pro-face Blue 3.3
Schneider-electric Pro-face Blue
570
VMScore
CVE-2021-22779
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybri...
Schneider-electric Ecostruxure Control Expert
Schneider-electric Ecostruxure Control Expert 15.0
Schneider-electric Ecostruxure Process Expert
Schneider-electric Remoteconnect
Schneider-electric Modicon M580 Bmep581020 Firmware
Schneider-electric Modicon M580 Bmep581020h Firmware
Schneider-electric Modicon M580 Bmep582020 Firmware
Schneider-electric Modicon M580 Bmep582020h Firmware
Schneider-electric Modicon M580 Bmep582040 Firmware
Schneider-electric Modicon M580 Bmep582040h Firmware
Schneider-electric Modicon M580 Bmep582040s Firmware
Schneider-electric Modicon M580 Bmep583020 Firmware
Schneider-electric Modicon M580 Bmep583040 Firmware
Schneider-electric Modicon M580 Bmep584020 Firmware
Schneider-electric Modicon M580 Bmep584040 Firmware
Schneider-electric Modicon M580 Bmep584040s Firmware
Schneider-electric Modicon M580 Bmep585040 Firmware
Schneider-electric Modicon M580 Bmep585040c Firmware
Schneider-electric Modicon M580 Bmep586040 Firmware
Schneider-electric Modicon M580 Bmep586040c Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmeh582040c Firmware
1 Article
668
VMScore
CVE-2019-6855
Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions before 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication p...
Schneider-electric Unity Pro
Schneider-electric Ecostruxure Control Expert
Schneider-electric Ecostruxure Control Expert 14.1
Schneider-electric Modicon M580 Bmep584040 Firmware
Schneider-electric Modicon M580 Bmeh584040 Firmware
Schneider-electric Modicon M580 Bmep586040 Firmware
Schneider-electric Modicon M580 Bmeh586040 Firmware
Schneider-electric Modicon M580 Bmep581020 Firmware
Schneider-electric Modicon M580 Bmep582020 Firmware
Schneider-electric Modicon M580 Bmep582040 Firmware
Schneider-electric Modicon M580 Bmep583020 Firmware
Schneider-electric Modicon M580 Bmep583040 Firmware
Schneider-electric Modicon M580 Bmep584020 Firmware
Schneider-electric Modicon M580 Bmep585040 Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmep584040s Firmware
Schneider-electric Modicon M580 Bmeh584040s Firmware
Schneider-electric Modicon M580 Bmeh586040s Firmware
Schneider-electric Modicon M580 Bmep582040s Firmware
Schneider-electric Modicon M340 Bmxp3420302 Firmware
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric Modicon M340 Bmxp342000 Firmware
NA
CVE-2022-45789
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process ...
Schneider-electric Ecostruxure Control Expert
Schneider-electric Ecostruxure Process Expert
Schneider-electric Modicon M340 Bmxp341000 Firmware
Schneider-electric Modicon M340 Bmxp342000 Firmware
Schneider-electric Modicon M340 Bmxp342010 Firmware -
Schneider-electric Modicon M340 Bmxp3420102 Firmware
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric Modicon M340 Bmxp342020h Firmware
Schneider-electric Modicon M340 Bmxp342030 Firmware
Schneider-electric Modicon M340 Bmxp3420302 Firmware
Schneider-electric Modicon M340 Bmxp3420302h Firmware
Schneider-electric Modicon M340 Bmxp342030h Firmware
Schneider-electric Modicon M580 Bmep581020 Firmware
Schneider-electric Modicon M580 Bmep581020h Firmware
Schneider-electric Modicon M580 Bmep582020 Firmware
Schneider-electric Modicon M580 Bmep582020h Firmware
Schneider-electric Modicon M580 Bmep582040 Firmware
Schneider-electric Modicon M580 Bmep582040h Firmware
Schneider-electric Modicon M580 Bmep582040s Firmware
Schneider-electric Modicon M580 Bmep583020 Firmware
Schneider-electric Modicon M580 Bmep583040 Firmware
Schneider-electric Modicon M580 Bmep584020 Firmware
NA
CVE-2022-37300
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (fo...
Schneider-electric Ecostruxure Process Expert
Schneider-electric Ecostruxure Control Expert
Schneider-electric Modicon M340 Bmxp341000 Firmware
Schneider-electric Modicon M340 Bmxp342000 Firmware
Schneider-electric Modicon M340 Bmxp342010 Firmware
Schneider-electric Modicon M340 Bmxp3420102 Firmware
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric Modicon M340 Bmxp342020h Firmware
Schneider-electric Modicon M340 Bmxp342030 Firmware
Schneider-electric Modicon M340 Bmxp3420302 Firmware
Schneider-electric Modicon M340 Bmxp3420302h Firmware
Schneider-electric Modicon M340 Bmxp342030h Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmeh582040c Firmware
Schneider-electric Modicon M580 Bmeh582040s Firmware
Schneider-electric Modicon M580 Bmeh584040 Firmware
Schneider-electric Modicon M580 Bmeh584040c Firmware
Schneider-electric Modicon M580 Bmeh584040s Firmware
Schneider-electric Modicon M580 Bmeh586040 Firmware
Schneider-electric Modicon M580 Bmeh586040c Firmware
Schneider-electric Modicon M580 Bmeh586040s Firmware
Schneider-electric Modicon M580 Bmep581020 Firmware
NA
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxur...
Schneider-electric Ecostruxure Control Expert
Schneider-electric Ecostruxure Process Expert
Schneider-electric Modicon M340 Bmxp341000 Firmware -
Schneider-electric Modicon M340 Bmxp342000 Firmware -
Schneider-electric Modicon M340 Bmxp342010 Firmware -
Schneider-electric Modicon M340 Bmxp3420102 Firmware -
Schneider-electric Modicon M340 Bmxp342020 Firmware -
Schneider-electric Modicon M340 Bmxp342020h Firmware -
Schneider-electric Modicon M340 Bmxp342030 Firmware -
Schneider-electric Modicon M340 Bmxp3420302 Firmware -
Schneider-electric Modicon M340 Bmxp3420302h Firmware -
Schneider-electric Modicon M340 Bmxp342030h Firmware -
Schneider-electric Modicon M580 Bmeh582040 Firmware -
Schneider-electric Modicon M580 Bmeh582040c Firmware -
Schneider-electric Modicon M580 Bmeh582040s Firmware -
Schneider-electric Modicon M580 Bmeh584040 Firmware -
Schneider-electric Modicon M580 Bmeh584040c Firmware -
Schneider-electric Modicon M580 Bmeh584040s Firmware -
Schneider-electric Modicon M580 Bmeh586040 Firmware -
Schneider-electric Modicon M580 Bmeh586040c Firmware -
Schneider-electric Modicon M580 Bmeh586040s Firmware -
Schneider-electric Modicon M580 Bmep581020 Firmware -
356
VMScore
CVE-2021-22790
A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modic...
Schneider-electric Modicon M340 Bmxp341000 -
Schneider-electric Modicon M340 Bmxp342010 -
Schneider-electric Modicon M340 Bmxp342020 -
Schneider-electric Modicon M340 Bmxp342030 -
Schneider-electric Modicon M580 Bmeh582040 -
Schneider-electric Modicon M580 Bmeh582040c -
Schneider-electric Modicon M580 Bmeh582040s -
Schneider-electric Modicon M580 Bmeh584040 -
Schneider-electric Modicon M580 Bmeh584040c -
Schneider-electric Modicon M580 Bmeh584040s -
Schneider-electric Modicon M580 Bmeh586040 -
Schneider-electric Modicon M580 Bmeh586040c -
Schneider-electric Modicon M580 Bmeh586040s -
Schneider-electric Modicon M580 Bmep581020 -
Schneider-electric Modicon M580 Bmep581020h -
Schneider-electric Modicon M580 Bmep582020 -
Schneider-electric Modicon M580 Bmep582020h -
Schneider-electric Modicon M580 Bmep582040 -
Schneider-electric Modicon M580 Bmep582040h -
Schneider-electric Modicon M580 Bmep582040s -
Schneider-electric Modicon M580 Bmep583020 -
Schneider-electric Modicon M580 Bmep583040 -
445
VMScore
CVE-2021-22792
A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions),...
Schneider-electric Modicon M340 Bmxp341000 -
Schneider-electric Modicon M340 Bmxp342010 -
Schneider-electric Modicon M340 Bmxp342020 -
Schneider-electric Modicon M340 Bmxp342030 -
Schneider-electric Modicon M580 Bmeh582040 -
Schneider-electric Modicon M580 Bmeh582040c -
Schneider-electric Modicon M580 Bmeh582040s -
Schneider-electric Modicon M580 Bmeh584040 -
Schneider-electric Modicon M580 Bmeh584040c -
Schneider-electric Modicon M580 Bmeh584040s -
Schneider-electric Modicon M580 Bmeh586040 -
Schneider-electric Modicon M580 Bmeh586040c -
Schneider-electric Modicon M580 Bmeh586040s -
Schneider-electric Modicon M580 Bmep581020 -
Schneider-electric Modicon M580 Bmep581020h -
Schneider-electric Modicon M580 Bmep582020 -
Schneider-electric Modicon M580 Bmep582020h -
Schneider-electric Modicon M580 Bmep582040 -
Schneider-electric Modicon M580 Bmep582040h -
Schneider-electric Modicon M580 Bmep582040s -
Schneider-electric Modicon M580 Bmep583020 -
Schneider-electric Modicon M580 Bmep583040 -
356
VMScore
CVE-2021-22789
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CP...
Schneider-electric Modicon M340 Bmxp341000 -
Schneider-electric Modicon M340 Bmxp342010 -
Schneider-electric Modicon M340 Bmxp342020 -
Schneider-electric Modicon M340 Bmxp342030 -
Schneider-electric Modicon M580 Bmeh582040 -
Schneider-electric Modicon M580 Bmeh582040c -
Schneider-electric Modicon M580 Bmeh582040s -
Schneider-electric Modicon M580 Bmeh584040 -
Schneider-electric Modicon M580 Bmeh584040c -
Schneider-electric Modicon M580 Bmeh584040s -
Schneider-electric Modicon M580 Bmeh586040 -
Schneider-electric Modicon M580 Bmeh586040c -
Schneider-electric Modicon M580 Bmeh586040s -
Schneider-electric Modicon M580 Bmep581020 -
Schneider-electric Modicon M580 Bmep581020h -
Schneider-electric Modicon M580 Bmep582020 -
Schneider-electric Modicon M580 Bmep582020h -
Schneider-electric Modicon M580 Bmep582040 -
Schneider-electric Modicon M580 Bmep582040h -
Schneider-electric Modicon M580 Bmep582040s -
Schneider-electric Modicon M580 Bmep583020 -
Schneider-electric Modicon M580 Bmep583040 -
356
VMScore
CVE-2021-22791
A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modi...
Schneider-electric Modicon M340 Bmxp341000 -
Schneider-electric Modicon M340 Bmxp342010 -
Schneider-electric Modicon M340 Bmxp342020 -
Schneider-electric Modicon M340 Bmxp342030 -
Schneider-electric Modicon M580 Bmeh582040 -
Schneider-electric Modicon M580 Bmeh582040c -
Schneider-electric Modicon M580 Bmeh582040s -
Schneider-electric Modicon M580 Bmeh584040 -
Schneider-electric Modicon M580 Bmeh584040c -
Schneider-electric Modicon M580 Bmeh584040s -
Schneider-electric Modicon M580 Bmeh586040 -
Schneider-electric Modicon M580 Bmeh586040c -
Schneider-electric Modicon M580 Bmeh586040s -
Schneider-electric Modicon M580 Bmep581020 -
Schneider-electric Modicon M580 Bmep581020h -
Schneider-electric Modicon M580 Bmep582020 -
Schneider-electric Modicon M580 Bmep582020h -
Schneider-electric Modicon M580 Bmep582040 -
Schneider-electric Modicon M580 Bmep582040h -
Schneider-electric Modicon M580 Bmep582040s -
Schneider-electric Modicon M580 Bmep583020 -
Schneider-electric Modicon M580 Bmep583040 -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »