Vulnerabilidades em Schneider Electric

297 resultados
CVE-2022-34753HIGHA CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause rEPSS 71.1%CVE-2023-5399CRITICAL A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tamperinEPSS 38.8%CVE-2023-3001HIGH A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious pEPSS 31.9%CVE-2021-22797HIGHA CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal) vulnerability exists that could cause malicious scriEPSS 26.1%CVE-2025-50121CRITICALA CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause uEPSS 15.3%CVE-2022-22806A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malEPSS 12.3%CVE-2022-22805A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code executioEPSS 11.7%CVE-2014-0754Schneider ElectricEPSS 9.0%CVE-2023-27978HIGHA CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious paEPSS 6.5%CVE-2014-9188Schneider Electric ProClima Command InjectionEPSS 6.1%CVE-2014-9190Schneider Electric Wonderware InTouch Access Anywhere Server Buffer OverflowEPSS 6.1%CVE-2022-0715HIGHA CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a keEPSS 5.8%CVE-2014-9200Schneider Electric Device Type Managers (DTMs) Stack-based Buffer OverflowEPSS 5.6%CVE-2017-6034CRITICALSchneider Electric Modicon Modbus Protocol Authentication Bypass by Capture-replayEPSS 5.1%CVE-2014-9198Schneider Electric ETG3000 FactoryCast HMI Gateway Use of Hard-coded CredentialsEPSS 4.2%CVE-2019-10953HIGHABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some conEPSS 3.7%CVE-2021-22795CRITICALA CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause reEPSS 3.1%CVE-2014-0789Schneider Electric OPC Factory Server Buffer OverflowEPSS 2.5%CVE-2022-22722A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain theEPSS 2.4%CVE-2018-8872In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within theEPSS 2.3%