← Back

Schneider Electric

schneider-electric

771 CVEs • 1,745 products

Products (1,745)

Click to collapse
Toggle
Struxureware Data Center Expert
struxureware_data_center_expert
48 CVEs
Interactive Graphical Scada System
interactive_graphical_scada_system
43 CVEs
Modicon M580 Firmware
modicon_m580_firmware
41 CVEs
Modicon M340 Firmware
modicon_m340_firmware
39 CVEs
Modicon M340 Bmxp342020 Firmware
modicon_m340_bmxp342020_firmware
32 CVEs
Modicon M340 Bmxp3420302 Firmware
modicon_m340_bmxp3420302_firmware
28 CVEs
Modicon M340 Bmxp341000 Firmware
modicon_m340_bmxp341000_firmware
27 CVEs
Ecostruxure Control Expert
ecostruxure_control_expert
26 CVEs
Modicon M340 Bmxp342000 Firmware
modicon_m340_bmxp342000_firmware
25 CVEs
Modicon M340 Bmxp3420102 Firmware
modicon_m340_bmxp3420102_firmware
25 CVEs
Modicon Quantum Firmware
modicon_quantum_firmware
25 CVEs
U.motion Builder
u.motion_builder
24 CVEs
Easergy T300 Firmware
easergy_t300_firmware
24 CVEs
Modicon Premium Firmware
modicon_premium_firmware
23 CVEs
140cpu65150 Firmware
140cpu65150_firmware
20 CVEs
Evlink City Evc1s22p4 Firmware
evlink_city_evc1s22p4_firmware
18 CVEs
Evlink City Evc1s7p4 Firmware
evlink_city_evc1s7p4_firmware
18 CVEs
Evlink Parking Evw2 Firmware
evlink_parking_evw2_firmware
18 CVEs
Evlink Parking Evf2 Firmware
evlink_parking_evf2_firmware
18 CVEs
Evlink Smart Wallbox Evb1a Firmware
evlink_smart_wallbox_evb1a_firmware
18 CVEs
Modicon M340 Bmxp3420102cl Firmware
modicon_m340_bmxp3420102cl_firmware
17 CVEs
Spacelynk Firmware
spacelynk_firmware
17 CVEs
Modicon M340 Bmxp342020h Firmware
modicon_m340_bmxp342020h_firmware
16 CVEs
Modicon M340 Bmxp3420302h Firmware
modicon_m340_bmxp3420302h_firmware
16 CVEs
Modicon M221 Firmware
modicon_m221_firmware
16 CVEs
Modicon M340 Bmxp3420302cl Firmware
modicon_m340_bmxp3420302cl_firmware
16 CVEs
Imps110 1er Firmware
imps110-1er_firmware
15 CVEs
Ibps110 1er Firmware
ibps110-1er_firmware
15 CVEs
Imp1110 1 Firmware
imp1110-1_firmware
15 CVEs
Imp1110 1e Firmware
imp1110-1e_firmware
15 CVEs
Imp1110 1er Firmware
imp1110-1er_firmware
15 CVEs
Ibp1110 1er Firmware
ibp1110-1er_firmware
15 CVEs
Imp219 1 Firmware
imp219-1_firmware
15 CVEs
Imp219 1e Firmware
imp219-1e_firmware
15 CVEs
Imp219 1er Firmware
imp219-1er_firmware
15 CVEs
Ibp219 1er Firmware
ibp219-1er_firmware
15 CVEs
Imp319 1 Firmware
imp319-1_firmware
15 CVEs
Imp319 1e Firmware
imp319-1e_firmware
15 CVEs
Ibp319 1er Firmware
ibp319-1er_firmware
15 CVEs
Imp519 1 Firmware
imp519-1_firmware
15 CVEs
Imp319 1er Firmware
imp319-1er_firmware
15 CVEs
Imp519 1e Firmware
imp519-1e_firmware
15 CVEs
Imp519 1er Firmware
imp519-1er_firmware
15 CVEs
Ibp519 1er Firmware
ibp519-1er_firmware
15 CVEs
Imps110 1e Firmware
imps110-1e_firmware
15 CVEs
Bmxnoe0100 Firmware
bmxnoe0100_firmware
14 CVEs
Bmxnoe0110 Firmware
bmxnoe0110_firmware
14 CVEs
Bmxnor0200h Firmware
bmxnor0200h_firmware
14 CVEs
Ecostruxure Process Expert
ecostruxure_process_expert
14 CVEs
Modicon M340 Bmxp342030 Firmware
modicon_m340_bmxp342030_firmware
13 CVEs
140cpu65160 Firmware
140cpu65160_firmware
13 CVEs
Ecostruxure Power Monitoring Expert
ecostruxure_power_monitoring_expert
13 CVEs
Evlink Parking Ev.2 Firmware
evlink_parking_ev.2_firmware
13 CVEs
Bmxnoc0401 Firmware
bmxnoc0401_firmware
12 CVEs
Mps110 1 Firmware
mps110-1_firmware
12 CVEs
140cpu65260 Firmware
140cpu65260_firmware
12 CVEs
Modicon M580 Bmep584040 Firmware
modicon_m580_bmep584040_firmware
12 CVEs
Modicon M580 Bmep586040 Firmware
modicon_m580_bmep586040_firmware
12 CVEs
Modicon M580 Bmep581020 Firmware
modicon_m580_bmep581020_firmware
12 CVEs
Modicon M580 Bmep582020 Firmware
modicon_m580_bmep582020_firmware
12 CVEs
Modicon M580 Bmep582040 Firmware
modicon_m580_bmep582040_firmware
12 CVEs
Modicon M580 Bmep583020 Firmware
modicon_m580_bmep583020_firmware
12 CVEs
Modicon M580 Bmep583040 Firmware
modicon_m580_bmep583040_firmware
12 CVEs
Modicon M580 Bmep584020 Firmware
modicon_m580_bmep584020_firmware
12 CVEs
Modicon M580 Bmep585040 Firmware
modicon_m580_bmep585040_firmware
12 CVEs
Ecostruxure Operator Terminal Expert
ecostruxure_operator_terminal_expert
12 CVEs
Tsxp574634m Firmware
tsxp574634m_firmware
11 CVEs
Tsxety4103 Firmware
tsxety4103_firmware
11 CVEs
Tsxety5103 Firmware
tsxety5103_firmware
11 CVEs
Tsxp575634m Firmware
tsxp575634m_firmware
11 CVEs
Tsxp576634m Firmware
tsxp576634m_firmware
11 CVEs
Tsxp571634m Firmware
tsxp571634m_firmware
11 CVEs
Tsxp572634m Firmware
tsxp572634m_firmware
11 CVEs
Tsxp573634m Firmware
tsxp573634m_firmware
11 CVEs
140cpu65860 Firmware
140cpu65860_firmware
11 CVEs
140cpu65160s Firmware
140cpu65160s_firmware
11 CVEs
Tsxp574634 Firmware
tsxp574634_firmware
11 CVEs
Tsxp575634 Firmware
tsxp575634_firmware
11 CVEs
Tsxp576634 Firmware
tsxp576634_firmware
11 CVEs
Modicon M340 Bmxp342030h Firmware
modicon_m340_bmxp342030h_firmware
10 CVEs
Proclima
proclima
10 CVEs
Tsxh5724m Firmware
tsxh5724m_firmware
10 CVEs
Tsxh5744m Firmware
tsxh5744m_firmware
10 CVEs
Tsxp57104m Firmware
tsxp57104m_firmware
10 CVEs
Tsxp57154m Firmware
tsxp57154m_firmware
10 CVEs
Tsxp57204m Firmware
tsxp57204m_firmware
10 CVEs
Tsxp57254m Firmware
tsxp57254m_firmware
10 CVEs
Tsxp57304m Firmware
tsxp57304m_firmware
10 CVEs
Tsxp57454m Firmware
tsxp57454m_firmware
10 CVEs
Tsxp57554m Firmware
tsxp57554m_firmware
10 CVEs
Homelynk Firmware
homelynk_firmware
10 CVEs
Modicon M340 Bmxp342010 Firmware
modicon_m340_bmxp342010_firmware
9 CVEs
Tsxp57354m Firmware
tsxp57354m_firmware
9 CVEs
Ecostruxure Geo Scada Expert 2019
ecostruxure_geo_scada_expert_2019
9 CVEs
Ecostruxure Geo Scada Expert 2020
ecostruxure_geo_scada_expert_2020
9 CVEs
Igss Dashboard
igss_dashboard
9 CVEs
Modicon M251 Firmware
modicon_m251_firmware
8 CVEs
Modicon M241 Firmware
modicon_m241_firmware
8 CVEs
Clearscada
clearscada
8 CVEs
Wiser For Knx Firmware
wiser_for_knx_firmware
8 CVEs

CVEs (771)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-7517
1Schneider Electric
1Easergy Builder
Nov 21, 2024
Jul 23, 2020
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to read user credentials.
CVE-2020-7516
1Schneider Electric
1Easergy Builder
Nov 21, 2024
Jul 23, 2020
N/A· v4
7.8 HIGH· v3
2.1 LOW· v2
A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker access to login credentials.
CVE-2020-7515
1Schneider Electric
1Easergy Builder
Nov 21, 2024
Jul 23, 2020
N/A· v4
7.8 HIGH· v3
2.1 LOW· v2
A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password.
CVE-2020-7514
1Schneider Electric
1Easergy Builder
Nov 21, 2024
Jul 23, 2020
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker access to the authorization credentials for a device and gain...Show more
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker access to the authorization credentials for a device and gain full access.Show less
CVE-2020-7491
1Schneider Electric
7Tricon Tcm 4351 Firmware
Tricon Tcm 4351a FirmwareTricon Tcm 4351b Firmware+4 more
Nov 21, 2024
Jul 23, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was...Show more
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4.Show less
CVE-2020-7513
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to intercept traffic and read configuration data.
CVE-2020-7512
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to exploit the component.
CVE-2020-7511
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to acquire a password by brute force.
CVE-2020-7510
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-200: Information Exposure vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow attacker to obtain private keys.
CVE-2020-7509
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files.
CVE-2020-7508
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force.
CVE-2020-7507
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-400: Uncontrolled Resource Consumption vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to login multiple times resulting in a denial of service.
CVE-2020-7506
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usua...Show more
A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure.Show less
CVE-2020-7505
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
A CWE-494 Download of Code Without Integrity Check vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to inject data with dangerous content into the firmware and execute...Show more
A CWE-494 Download of Code Without Integrity Check vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to inject data with dangerous content into the firmware and execute arbitrary code on the system.Show less
CVE-2020-7504
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
A CWE-20: Improper Input Validation vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to disable the webserver service on the device when specially crafted network pack...Show more
A CWE-20: Improper Input Validation vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to disable the webserver service on the device when specially crafted network packets are sent.Show less
CVE-2020-7503
1Schneider Electric
1Easergy T300 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-to...Show more
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted.Show less
CVE-2020-7502
1Schneider Electric
1Modicon M218 Firmware
Nov 21, 2024
Jun 16, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218...Show more
A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller.Show less
CVE-2020-7501
1Schneider Electric
1Vijeo Designer
Nov 21, 2024
Jun 16, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and...Show more
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer.Show less
CVE-2020-7500
1Schneider Electric
6Mtn6260 0310 Firmware
Mtn6260 0315 FirmwareMtn6260 0410 Firmware+3 more
Nov 21, 2024
Jun 16, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could...Show more
A CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause arbitrary code to be executed when a malicious command is entered.Show less
CVE-2020-7499
1Schneider Electric
6Mtn6260 0310 Firmware
Mtn6260 0315 FirmwareMtn6260 0410 Firmware+3 more
Nov 21, 2024
Jun 16, 2020
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes...Show more
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes unauthorized changes.Show less