← Back

Schneider Electric

schneider-electric

771 CVEs • 1,745 products

Products (1,745)

Click to collapse
Toggle
Struxureware Data Center Expert
struxureware_data_center_expert
48 CVEs
Interactive Graphical Scada System
interactive_graphical_scada_system
43 CVEs
Modicon M580 Firmware
modicon_m580_firmware
41 CVEs
Modicon M340 Firmware
modicon_m340_firmware
39 CVEs
Modicon M340 Bmxp342020 Firmware
modicon_m340_bmxp342020_firmware
32 CVEs
Modicon M340 Bmxp3420302 Firmware
modicon_m340_bmxp3420302_firmware
28 CVEs
Modicon M340 Bmxp341000 Firmware
modicon_m340_bmxp341000_firmware
27 CVEs
Ecostruxure Control Expert
ecostruxure_control_expert
26 CVEs
Modicon M340 Bmxp342000 Firmware
modicon_m340_bmxp342000_firmware
25 CVEs
Modicon M340 Bmxp3420102 Firmware
modicon_m340_bmxp3420102_firmware
25 CVEs
Modicon Quantum Firmware
modicon_quantum_firmware
25 CVEs
U.motion Builder
u.motion_builder
24 CVEs
Easergy T300 Firmware
easergy_t300_firmware
24 CVEs
Modicon Premium Firmware
modicon_premium_firmware
23 CVEs
140cpu65150 Firmware
140cpu65150_firmware
20 CVEs
Evlink City Evc1s22p4 Firmware
evlink_city_evc1s22p4_firmware
18 CVEs
Evlink City Evc1s7p4 Firmware
evlink_city_evc1s7p4_firmware
18 CVEs
Evlink Parking Evw2 Firmware
evlink_parking_evw2_firmware
18 CVEs
Evlink Parking Evf2 Firmware
evlink_parking_evf2_firmware
18 CVEs
Evlink Smart Wallbox Evb1a Firmware
evlink_smart_wallbox_evb1a_firmware
18 CVEs
Modicon M340 Bmxp3420102cl Firmware
modicon_m340_bmxp3420102cl_firmware
17 CVEs
Spacelynk Firmware
spacelynk_firmware
17 CVEs
Modicon M340 Bmxp342020h Firmware
modicon_m340_bmxp342020h_firmware
16 CVEs
Modicon M340 Bmxp3420302h Firmware
modicon_m340_bmxp3420302h_firmware
16 CVEs
Modicon M221 Firmware
modicon_m221_firmware
16 CVEs
Modicon M340 Bmxp3420302cl Firmware
modicon_m340_bmxp3420302cl_firmware
16 CVEs
Imps110 1er Firmware
imps110-1er_firmware
15 CVEs
Ibps110 1er Firmware
ibps110-1er_firmware
15 CVEs
Imp1110 1 Firmware
imp1110-1_firmware
15 CVEs
Imp1110 1e Firmware
imp1110-1e_firmware
15 CVEs
Imp1110 1er Firmware
imp1110-1er_firmware
15 CVEs
Ibp1110 1er Firmware
ibp1110-1er_firmware
15 CVEs
Imp219 1 Firmware
imp219-1_firmware
15 CVEs
Imp219 1e Firmware
imp219-1e_firmware
15 CVEs
Imp219 1er Firmware
imp219-1er_firmware
15 CVEs
Ibp219 1er Firmware
ibp219-1er_firmware
15 CVEs
Imp319 1 Firmware
imp319-1_firmware
15 CVEs
Imp319 1e Firmware
imp319-1e_firmware
15 CVEs
Ibp319 1er Firmware
ibp319-1er_firmware
15 CVEs
Imp519 1 Firmware
imp519-1_firmware
15 CVEs
Imp319 1er Firmware
imp319-1er_firmware
15 CVEs
Imp519 1e Firmware
imp519-1e_firmware
15 CVEs
Imp519 1er Firmware
imp519-1er_firmware
15 CVEs
Ibp519 1er Firmware
ibp519-1er_firmware
15 CVEs
Imps110 1e Firmware
imps110-1e_firmware
15 CVEs
Bmxnoe0100 Firmware
bmxnoe0100_firmware
14 CVEs
Bmxnoe0110 Firmware
bmxnoe0110_firmware
14 CVEs
Bmxnor0200h Firmware
bmxnor0200h_firmware
14 CVEs
Ecostruxure Process Expert
ecostruxure_process_expert
14 CVEs
Modicon M340 Bmxp342030 Firmware
modicon_m340_bmxp342030_firmware
13 CVEs
140cpu65160 Firmware
140cpu65160_firmware
13 CVEs
Ecostruxure Power Monitoring Expert
ecostruxure_power_monitoring_expert
13 CVEs
Evlink Parking Ev.2 Firmware
evlink_parking_ev.2_firmware
13 CVEs
Bmxnoc0401 Firmware
bmxnoc0401_firmware
12 CVEs
Mps110 1 Firmware
mps110-1_firmware
12 CVEs
140cpu65260 Firmware
140cpu65260_firmware
12 CVEs
Modicon M580 Bmep584040 Firmware
modicon_m580_bmep584040_firmware
12 CVEs
Modicon M580 Bmep586040 Firmware
modicon_m580_bmep586040_firmware
12 CVEs
Modicon M580 Bmep581020 Firmware
modicon_m580_bmep581020_firmware
12 CVEs
Modicon M580 Bmep582020 Firmware
modicon_m580_bmep582020_firmware
12 CVEs
Modicon M580 Bmep582040 Firmware
modicon_m580_bmep582040_firmware
12 CVEs
Modicon M580 Bmep583020 Firmware
modicon_m580_bmep583020_firmware
12 CVEs
Modicon M580 Bmep583040 Firmware
modicon_m580_bmep583040_firmware
12 CVEs
Modicon M580 Bmep584020 Firmware
modicon_m580_bmep584020_firmware
12 CVEs
Modicon M580 Bmep585040 Firmware
modicon_m580_bmep585040_firmware
12 CVEs
Ecostruxure Operator Terminal Expert
ecostruxure_operator_terminal_expert
12 CVEs
Tsxp574634m Firmware
tsxp574634m_firmware
11 CVEs
Tsxety4103 Firmware
tsxety4103_firmware
11 CVEs
Tsxety5103 Firmware
tsxety5103_firmware
11 CVEs
Tsxp575634m Firmware
tsxp575634m_firmware
11 CVEs
Tsxp576634m Firmware
tsxp576634m_firmware
11 CVEs
Tsxp571634m Firmware
tsxp571634m_firmware
11 CVEs
Tsxp572634m Firmware
tsxp572634m_firmware
11 CVEs
Tsxp573634m Firmware
tsxp573634m_firmware
11 CVEs
140cpu65860 Firmware
140cpu65860_firmware
11 CVEs
140cpu65160s Firmware
140cpu65160s_firmware
11 CVEs
Tsxp574634 Firmware
tsxp574634_firmware
11 CVEs
Tsxp575634 Firmware
tsxp575634_firmware
11 CVEs
Tsxp576634 Firmware
tsxp576634_firmware
11 CVEs
Modicon M340 Bmxp342030h Firmware
modicon_m340_bmxp342030h_firmware
10 CVEs
Proclima
proclima
10 CVEs
Tsxh5724m Firmware
tsxh5724m_firmware
10 CVEs
Tsxh5744m Firmware
tsxh5744m_firmware
10 CVEs
Tsxp57104m Firmware
tsxp57104m_firmware
10 CVEs
Tsxp57154m Firmware
tsxp57154m_firmware
10 CVEs
Tsxp57204m Firmware
tsxp57204m_firmware
10 CVEs
Tsxp57254m Firmware
tsxp57254m_firmware
10 CVEs
Tsxp57304m Firmware
tsxp57304m_firmware
10 CVEs
Tsxp57454m Firmware
tsxp57454m_firmware
10 CVEs
Tsxp57554m Firmware
tsxp57554m_firmware
10 CVEs
Homelynk Firmware
homelynk_firmware
10 CVEs
Modicon M340 Bmxp342010 Firmware
modicon_m340_bmxp342010_firmware
9 CVEs
Tsxp57354m Firmware
tsxp57354m_firmware
9 CVEs
Ecostruxure Geo Scada Expert 2019
ecostruxure_geo_scada_expert_2019
9 CVEs
Ecostruxure Geo Scada Expert 2020
ecostruxure_geo_scada_expert_2020
9 CVEs
Igss Dashboard
igss_dashboard
9 CVEs
Modicon M251 Firmware
modicon_m251_firmware
8 CVEs
Modicon M241 Firmware
modicon_m241_firmware
8 CVEs
Clearscada
clearscada
8 CVEs
Wiser For Knx Firmware
wiser_for_knx_firmware
8 CVEs

CVEs (771)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-22806
1Schneider Electric
8Scl Series 1029 Ups Firmware
Scl Series 1030 Ups FirmwareScl Series 1036 Ups Firmware+5 more
Nov 21, 2024
Mar 9, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SM...Show more
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)Show less
CVE-2022-22805
1Schneider Electric
8Scl Series 1029 Ups Firmware
Scl Series 1030 Ups FirmwareScl Series 1036 Ups Firmware+5 more
Nov 21, 2024
Mar 9, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartC...Show more
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)Show less
CVE-2022-0715
1Schneider Electric
33Scl Series 1029 Ups Firmware
Scl Series 1030 Ups FirmwareScl Series 1036 Ups Firmware+30 more
May 29, 2026
Mar 9, 2022
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-U...Show more
A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series ID=18: UPS 09.8 and prior / SMT Series ID=1040: UPS 01.2 and prior / SMT Series ID=1031: UPS 03.1 and prior), SMC Series (SMC Series ID=1005: UPS 14.1 and prior / SMC Series ID=1007: UPS 11.0 and prior / SMC Series ID=1041: UPS 01.1 and prior), SCL Series (SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior), SMX Series (SMX Series ID=20: UPS 10.2 and prior / SMX Series ID=23: UPS 07.0 and prior), SRT Series (SRT Series ID=1010/1019/1025: UPS 08.3 and prior / SRT Series ID=1024: UPS 01.0 and prior / SRT Series ID=1020: UPS 10.4 and prior / SRT Series ID=1021: UPS 12.2 and prior / SRT Series ID=1001/1013: UPS 05.1 and prior / SRT Series ID=1002/1014: UPSa05.2 and prior), APC SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)Show less
CVE-2021-22824
1Schneider Electric
1Interactive Graphical Scada System Data Collector
Nov 21, 2024
Feb 11, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Aff...Show more
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)Show less
CVE-2021-22823
1Schneider Electric
1Interactive Graphical Scada System Data Collector
Nov 21, 2024
Feb 11, 2022
N/A· v4
9.1 CRITICAL· v3
5.0 MEDIUM· v2
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Pr...Show more
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)Show less
CVE-2021-22806
1Schneider Electric
3Fellerlynk Firmware
Spacelynk FirmwareWiser For Knx Firmware
Nov 21, 2024
Feb 11, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), W...Show more
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), Wiser for KNX (V2.6.1 and prior), fellerLYnk (V2.6.1 and prior)Show less
CVE-2021-22805
1Schneider Electric
1Interactive Graphical Scada System Data Collector
Nov 21, 2024
Feb 11, 2022
N/A· v4
9.1 CRITICAL· v3
5.0 MEDIUM· v2
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Pr...Show more
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)Show less
CVE-2021-22804
1Schneider Electric
1Interactive Graphical Scada System Data Collector
Nov 21, 2024
Feb 11, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of u...Show more
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)Show less
CVE-2021-22803
1Schneider Electric
1Interactive Graphical Scada System Data Collector
Nov 21, 2024
Feb 11, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC...Show more
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)Show less
CVE-2021-22802
1Schneider Electric
1Interactive Graphical Scada System Data Collector
Nov 21, 2024
Feb 11, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the netwo...Show more
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)Show less
CVE-2021-22801
1Schneider Electric
1Connexium Network Manager
Nov 21, 2024
Feb 11, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configured with specially crafted event actions. Affected Product: ConneXium Network Mana...Show more
A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configured with specially crafted event actions. Affected Product: ConneXium Network Manager Software (All Versions)Show less
CVE-2021-22800
1Schneider Electric
1Modicon M218 Firmware
Nov 21, 2024
Feb 11, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V...Show more
A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior)Show less
CVE-2021-22798
1Schneider Electric
1Conext Combox Firmware
Nov 21, 2024
Feb 11, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive data such as login credentials being exposed when a Network is sniffed. Affected Product: Conext� ComBox (All Versions)
CVE-2021-22796
1Schneider Electric
1C Gate Server
Nov 21, 2024
Feb 11, 2022
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)
CVE-2021-22788
1Schneider Electric
14140cpu65150 Firmware
140noc77101 Firmware140noc78x00 Firmware+11 more
May 29, 2026
Feb 11, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34...Show more
A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)Show less
CVE-2021-22787
1Schneider Electric
14140cpu65150 Firmware
140noc77101 Firmware140noc78x00 Firmware+11 more
May 29, 2026
Feb 11, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon...Show more
A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)Show less
CVE-2021-22785
1Schneider Electric
14140cpu65150 Firmware
140noc77101 Firmware140noc78x00 Firmware+11 more
May 29, 2026
Feb 11, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. Affect...Show more
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)Show less
CVE-2021-22748
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Feb 11, 2022
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and pr...Show more
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)Show less
CVE-2022-24321
1Schneider Electric
3Clearscada
Ecostruxure Geo Scada Expert 2019Ecostruxure Geo Scada Expert 2020
Nov 21, 2024
Feb 9, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause Denial of Service against the Geo SCADA server when receiving a malformed HTTP request. Affected Product: ClearSCADA (...Show more
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause Denial of Service against the Geo SCADA server when receiving a malformed HTTP request. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions)Show less
CVE-2022-24320
1Schneider Electric
3Clearscada
Ecostruxure Geo Scada Expert 2019Ecostruxure Geo Scada Expert 2020
Nov 21, 2024
Feb 9, 2022
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA database server are intercepted. Affected Product: ClearSCAD...Show more
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA database server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions)Show less