Vulnerabilidades em Schneider Electric
302 resultadosCVE-2025-8448LOWCWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive cEPSS 0.2%CVE-2025-8453HIGHCWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation and
arbitrary code execution when a privilEPSS 0.2%CVE-2022-42972HIGHA CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a locEPSS 0.2%CVE-2023-4516HIGH
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update
Service that could allow a local attacker tEPSS 0.2%CVE-2023-29414HIGH
A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer Overflow) vulnerability
exists that could cause user privilege escalaEPSS 0.2%CVE-2024-9002HIGHCWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access, loss of confidentiality, integrity, and avEPSS 0.2%CVE-2026-2403MEDIUMCWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting loEPSS 0.2%CVE-2023-2161MEDIUM
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that
could cause unauthorized read access to the fileEPSS 0.2%CVE-2023-3953MEDIUM
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory
Buffer vulnerability exists that could cause memory corruption EPSS 0.2%CVE-2024-12399MEDIUMCWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability
exists that could cause partEPSS 0.2%CVE-2024-2747HIGHCWE-428: Unquoted search path or element vulnerability exists in Easergy Studio, which could
cause privilege escalation when a valid user reEPSS 0.2%CVE-2022-4062HIGHA CWE-285: Improper Authorization vulnerability exists that could cause unauthorized access to certain software functions when an attacker gEPSS 0.2%CVE-2024-5559MEDIUMCWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could
cause denial of service, device reboot, or an attaEPSS 0.2%CVE-2022-42973HIGHA CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to thEPSS 0.2%CVE-2025-3916MEDIUMCWE-121: Stack-based Buffer Overflow vulnerability exists that could cause local attackers being able to
exploit these issues to potentiallyEPSS 0.2%CVE-2023-2570HIGH
A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local
denial-of-service, and potentially kernel execuEPSS 0.2%CVE-2024-8518LOWCWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft
2 application when a specially crafted proEPSS 0.2%CVE-2025-2440MEDIUMCWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially lead to unauthorized
access of confidential dEPSS 0.2%CVE-2025-2002MEDIUMCWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure
of FTP server credentials whEPSS 0.2%CVE-2025-0327HIGHCWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit
trail data and the other acting asEPSS 0.2%