Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric ecostruxure machine expert vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2988
A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC (Versions prior to V2.1.0), EcoStruxure Machine Expert – HVAC (Versions ...
Schneider-electric Somachine Hvac
Schneider-electric Ecostruxure Machine Expert - Hvac
668
VMScore
CVE-2020-7489
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this ...
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Somachine Basic
Schneider-electric Modicon M100 Firmware
Schneider-electric Modicon M200 Firmware
Schneider-electric Modicon M221 Firmware
445
VMScore
CVE-2020-7488
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Somachine
Schneider-electric Somachine Motion
Schneider-electric Modicon M218 Firmware
Schneider-electric Modicon M241 Firmware
Schneider-electric Modicon M251 Firmware
Schneider-electric Modicon M258 Firmware
668
VMScore
CVE-2020-7487
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the malicious user to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Somachine
Schneider-electric Somachine Motion
Schneider-electric Modicon M218 Firmware
Schneider-electric Modicon M241 Firmware
Schneider-electric Modicon M251 Firmware
Schneider-electric Modicon M258 Firmware
829
VMScore
CVE-2022-22727
A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated malicious user to view data, change settings, impact availability of the software, or potentially impact a user?s local machine when the user clicks a specially crafted link. Affected Pro...
Schneider-electric Ecostruxure Power Monitoring Expert
409
VMScore
CVE-2021-22705
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly with a driver installed by Vijeo Designer or EcoStruxure Machine Expert
Schneider-electric Vijeo Designer
Schneider-electric Ecostruxure Machine Expert
570
VMScore
CVE-2021-22704
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions prior...
Schneider-electric Vijeo Designer
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Ecostruxure Machine Expert 2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started