| CVE-2026-6332 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
20d ago |
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of … |
| CVE-2022-0715 |
critical |
9.1 |
9.1 |
|
|
schneider-electric |
4y ago |
A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected… |
| CVE-2021-22788 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
4y ago |
A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modic… |
| CVE-2021-22787 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
4y ago |
A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affe… |
| CVE-2021-22785 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
4y ago |
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server … |
| CVE-2020-7534 |
high |
8.8 |
8.8 |
|
|
schneider-electric |
4y ago |
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user … |
| CVE-2021-22792 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
5y ago |
A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted proj… |
| CVE-2021-22779 |
critical |
9.1 |
9.1 |
|
|
schneider-electric |
5y ago |
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoS… |
| CVE-2021-22768 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
5y ago |
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code executi… |
| CVE-2021-22767 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
5y ago |
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code executi… |
| CVE-2021-22766 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
5y ago |
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service via a specially crafte… |
| CVE-2021-22765 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
5y ago |
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code executi… |
| CVE-2021-22763 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
5y ago |
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for… |
| CVE-2021-22713 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
5y ago |
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 (see security … |
| CVE-2021-22703 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
5y ago |
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affec… |
| CVE-2021-22702 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
5y ago |
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notifica… |
| CVE-2020-7566 |
high |
7.3 |
7.3 |
|
|
schneider-electric |
6y ago |
A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption keys when the attacker has captured t… |
| CVE-2020-7565 |
high |
7.3 |
7.3 |
|
|
schneider-electric |
6y ago |
A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption key when the attacker has captured … |
| CVE-2020-28209 |
high |
7.0 |
7.0 |
|
|
schneider-electric |
6y ago |
A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStruxure Building Operation Enterprise Server installer V1.9 - V3.1 and Enterprise Central installer V2.0 - V3.1 that could cause any… |
| CVE-2020-7564 |
high |
8.8 |
8.8 |
|
|
schneider-electric |
6y ago |
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their C… |
| CVE-2020-7563 |
high |
8.8 |
8.8 |
|
|
schneider-electric |
6y ago |
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)… |
| CVE-2020-7562 |
high |
8.1 |
8.1 |
|
|
schneider-electric |
6y ago |
A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) … |
| CVE-2020-7488 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
6y ago |
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 cont… |
| CVE-2020-7489 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
6y ago |
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming … |
| CVE-2020-7477 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
6y ago |
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Quantum processors with integrated Ethern… |
| CVE-2019-6857 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
7y ago |
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) … |
| CVE-2019-6856 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
7y ago |
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) … |
| CVE-2018-7794 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
7y ago |
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) … |
| CVE-2019-6852 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
7y ago |
A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication mo… |
| CVE-2019-6829 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
7y ago |
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90) and Modicon M340 (firmware version prior to V3.10), which could cause a possible denial of service… |
| CVE-2019-6820 |
high |
8.2 |
8.2 |
|
|
schneider-electric |
7y ago |
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a speci… |
| CVE-2019-6819 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
7y ago |
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the produ… |
| CVE-2018-7852 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
7y ago |
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private … |
| CVE-2018-7821 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
7y ago |
An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flood… |
| CVE-2019-10953 |
high |
7.5 |
7.5 |
|
|
abbphoenixcontactschneider-electric |
7y ago |
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due … |
| CVE-2018-7798 |
high |
8.2 |
8.2 |
|
|
schneider-electric |
8y ago |
A Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration (IP address, mask and gateway) when… |
| CVE-2018-7792 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
8y ago |
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows una… |
| CVE-2018-7791 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
8y ago |
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows una… |
| CVE-2018-7790 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
8y ago |
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized user… |
| CVE-2018-7789 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
8y ago |
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability … |
| CVE-2017-14024 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
A Stack-based Buffer Overflow issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions, and InTouch Machine Edition v8.0 SP2 Patch 1 and prior versions. The … |
| CVE-2017-13997 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. InduSoft Web Studio pro… |
| CVE-2017-9961 |
high |
7.8 |
7.8 |
|
|
schneider-electric |
9y ago |
A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. B… |
| CVE-2017-9958 |
high |
7.8 |
7.8 |
|
|
schneider-electric |
9y ago |
An improper access control vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an improper handling of the system configuration can allow an attac… |
| CVE-2017-9957 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web service contains a hidden system account with a hardcoded password. An attacker can … |
| CVE-2017-9956 |
high |
7.3 |
7.3 |
|
|
schneider-electric |
9y ago |
An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system contains a hard-coded valid session. An attacker can use t… |
| CVE-2017-7974 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and… |
| CVE-2017-7973 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of… |
| CVE-2017-7969 |
high |
8.8 |
8.8 |
|
|
schneider-electric |
9y ago |
A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2… |
| CVE-2017-9631 |
high |
7.5 |
7.5 |
|
|
schneider-electric |
9y ago |
A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attack… |
| CVE-2017-9629 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The stack-based buffer overflow vulnerability has been identi… |
| CVE-2017-9627 |
high |
8.6 |
8.6 |
|
|
schneider-electric |
9y ago |
An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability co… |
| CVE-2017-6034 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which … |
| CVE-2017-7966 |
high |
8.8 |
8.8 |
|
|
schneider-electric |
9y ago |
A DLL Hijacking vulnerability in the programming software in Schneider Electric's SoMachine HVAC v2.1.0 allows a remote attacker to execute arbitrary code on the targeted system. The vulnerability ex… |
| CVE-2017-7965 |
high |
7.3 |
7.3 |
|
|
schneider-electric |
9y ago |
A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller. |
| CVE-2017-7968 |
high |
7.8 |
7.8 |
|
|
schneider-electric |
9y ago |
An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a… |
| CVE-2017-6033 |
high |
7.8 |
7.8 |
|
|
schneider-electric |
9y ago |
A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is na… |
| CVE-2017-7575 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus p… |
| CVE-2017-7574 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized… |
| CVE-2017-5178 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is insta… |
| CVE-2017-5155 |
high |
7.3 |
7.3 |
|
|
schneider-electric |
9y ago |
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compr… |
| CVE-2016-8354 |
high |
7.0 |
7.0 |
|
|
schneider-electric |
9y ago |
An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instru… |
| CVE-2016-5818 |
critical |
9.8 |
9.8 |
|
|
schneider-electric |
9y ago |
An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device. |
| CVE-2016-2290 |
high |
8.8 |
8.8 |
|
|
schneider-electric |
10y ago |
Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrar… |
| CVE-2015-7921 |
critical |
9.1 |
9.1 |
|
|
schneider-electric |
10y ago |
The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for re… |
| CVE-2015-0999 |
low |
— |
2.1 |
|
|
avevaschneider-electric |
11y ago |
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allow… |
| CVE-2015-0998 |
low |
— |
3.3 |
|
|
avevaschneider-electric |
11y ago |
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain s… |
| CVE-2015-0996 |
low |
— |
2.1 |
|
|
avevaschneider-electric |
11y ago |
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project … |
| CVE-2015-0982 |
high |
— |
7.5 |
|
|
schneider-electric |
11y ago |
Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-NVs before 7.8.90 allows remote attackers to execute arbitrary code via unspecified vectors. |
| CVE-2014-9200 |
high |
— |
7.5 |
|
|
schneider-electric |
12y ago |
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANope… |
| CVE-2014-9190 |
critical |
— |
10.0 |
|
|
schneider-electric |
12y ago |
Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not … |
| CVE-2014-8511 |
critical |
— |
10.0 |
|
|
schneider-electric |
12y ago |
Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability tha… |
| CVE-2013-0662 |
critical |
— |
10.0 |
EXP |
|
schneider-electricschneider_electric |
12y ago |
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a … |
| CVE-2013-2824 |
high |
— |
7.8 |
|
|
schneider-electric |
12y ago |
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogi… |
| CVE-2013-3075 |
critical |
— |
10.0 |
EXP |
|
mitsubishi-automationschneider-electric |
13y ago |
Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code … |
| CVE-2013-0658 |
critical |
— |
10.0 |
EXP |
|
schneider-electric |
14y ago |
Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request. |
| CVE-2013-0657 |
critical |
— |
10.0 |
EXP |
|
schneider-electric |
14y ago |
Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does n… |
| CVE-2013-0655 |
critical |
— |
9.3 |
|
|
schneider-electric |
14y ago |
The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and conseq… |
| CVE-2011-4861 |
critical |
— |
10.0 |
|
|
schneider-electric |
15y ago |
The modbus_125_handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) allows remote attackers to install arbitrary firmware updat… |
| CVE-2011-4860 |
critical |
— |
10.0 |
|
|
schneider-electric |
15y ago |
The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) generates the password for the fwupgrade account by performing… |
| CVE-2011-4859 |
critical |
— |
10.0 |
|
|
schneider-electric |
15y ago |
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB… |
| CVE-2011-4034 |
critical |
— |
10.0 |
EXP |
|
schneider-electric |
15y ago |
Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allo… |
| CVE-2011-3330 |
high |
— |
7.2 |
|
|
schneider-electric |
15y ago |
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 an… |
| CVE-2011-3143 |
critical |
— |
10.0 |
|
|
avevaschneider-electric |
15y ago |
Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of serv… |
