CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Schneider Electric 2Ecostruxure Machine Expert Vijeo DesignerNov 21, 2024 Sep 2, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior...Show more |
1Schneider Electric 2Ecostruxure Machine Expert Vijeo DesignerNov 21, 2024 May 26, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly with a driver install...Show more |
1Schneider Electric 5Ecostruxure Machine Expert Modicon M100 FirmwareModicon M200 Firmware+2 moreMay 28, 2026 Apr 22, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in...Show more |
1Schneider Electric 7Ecostruxure Machine Expert Modicon M218 FirmwareModicon M241 Firmware+4 moreMay 28, 2026 Apr 22, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers. |
1Schneider Electric 7Ecostruxure Machine Expert Modicon M218 FirmwareModicon M241 Firmware+4 moreNov 21, 2024 Apr 22, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers. |