Vulnerabilidades en Schneider ELectric
302 resultadosCVE-2023-29413HIGH
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause
Denial-of-Service when accessed by an unautheEPSS 0.7%CVE-2022-37301HIGHA CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory EPSS 0.7%CVE-2022-32513CRITICALA CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain control of the device when the attacker brutEPSS 0.7%CVE-2025-13957HIGHCWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS ProEPSS 0.7%CVE-2022-30233MEDIUMA CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciously manipulated when the user is trickedEPSS 0.7%CVE-2022-34760HIGHA CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability exists that could cause a denial of service of the webserverEPSS 0.7%CVE-2022-34759HIGHA CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTEPSS 0.7%CVE-2023-5402CRITICAL
A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote
code execution when the transfer command is used EPSS 0.7%CVE-2023-29410HIGH
A CWE-20: Improper Input Validation vulnerability exists that could allow an authenticated
attacker to gain the same privilege as the appliEPSS 0.7%CVE-2022-37300CRITICALA CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and wriEPSS 0.7%CVE-2025-5740HIGHCWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file EPSS 0.6%CVE-2019-6853—A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 99EPSS 0.6%CVE-2022-32515HIGHA CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause brute force attacks to take over EPSS 0.6%CVE-2022-43377HIGH
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that
could cause account takeover when a brutEPSS 0.6%CVE-2024-11737CRITICALCWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of
confidentiality, integrity of thEPSS 0.6%CVE-2021-22786HIGHA CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the contEPSS 0.6%CVE-2024-10575CRITICALCWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on
the network and potentially impactiEPSS 0.6%CVE-2024-11999HIGHCWE-1104: Use of Unmaintained Third-Party Components vulnerability exists that could cause complete
control of the device when an authenticaEPSS 0.6%CVE-2022-24322MEDIUMA CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of comEPSS 0.6%CVE-2025-54923HIGHCWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity whEPSS 0.6%