Vulnerabilidades em Schneider Electric
302 resultadosCVE-2022-32521HIGHA CWE 502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely EPSS 0.5%CVE-2025-5741MEDIUMCWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that
could cause arbitrary file EPSS 0.5%CVE-2022-32518HIGHA CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed oEPSS 0.5%CVE-2022-32520HIGHA CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed oEPSS 0.5%CVE-2024-37036CRITICALCWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass
when sending a malformed POST request and paEPSS 0.5%CVE-2024-8938CRITICALCWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could
cause a potential arbitraryEPSS 0.5%CVE-2025-3112HIGHCWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an
authenticated malicious user sendEPSS 0.5%CVE-2024-2052HIGH
CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could allow
unauthenticated files and logs exfiltratEPSS 0.5%CVE-2025-9997MEDIUMCWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause comEPSS 0.5%CVE-2023-25552HIGH
A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized
content, changes or deleting of content, oEPSS 0.5%CVE-2025-1960CRITICALCWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an
attacker to execute unauthorized coEPSS 0.5%CVE-2023-37197HIGH
A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command
('SQL Injection') vulnerability exists that coEPSS 0.5%CVE-2023-37196HIGH
A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command
('SQL Injection') vulnerability exists that coulEPSS 0.5%CVE-2025-11566MEDIUMCWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network toEPSS 0.5%CVE-2024-8936HIGHCWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory
after a successful MaEPSS 0.5%CVE-2022-34765MEDIUMA CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-contEPSS 0.5%CVE-2024-6918HIGHCWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability
exists that could cause a crash of the AccutecEPSS 0.5%CVE-2024-8935HIGHCWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss
of confidentiality and integriEPSS 0.5%CVE-2022-32519HIGHA CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in unwanted access to a DCE instance when perforEPSS 0.5%CVE-2024-2050HIGH
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
vulnerability exists when an attacker injects EPSS 0.5%