Vulnerabilidades en Schneider Electric
302 resultadosCVE-2022-24324CRITICALA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leadinEPSS 1.2%CVE-2023-25549HIGH
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
allows for remote code execution when uEPSS 1.2%CVE-2023-25550HIGH
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
allows remote code execution via the EPSS 1.2%CVE-2022-45788HIGHA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of seEPSS 1.2%CVE-2022-30232HIGHA CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code execution when an attacker is able to intercEPSS 1.1%CVE-2023-28004CRITICAL
A CWE-129: Improper validation of an array index vulnerability exists where a specially crafted
Ethernet request could result in denial oEPSS 1.1%CVE-2022-32522CRITICALA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leadiEPSS 1.1%CVE-2022-42971CRITICALA CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause remote code execution when the attacker uplEPSS 1.1%CVE-2022-30234CRITICALA CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtaiEPSS 1.1%CVE-2014-5413—Schneider Electric SCADA Expert ClearSCADA Cryptographic IssuesEPSS 1.0%CVE-2024-37037HIGHCWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path
Traversal’) vulnerability exists that could allow an authenticateEPSS 1.0%CVE-2026-9717HIGHCWE-78 Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could allow unauthorized EPSS 1.0%CVE-2024-10511MEDIUMCWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface
when someone on the local netwoEPSS 1.0%CVE-2019-6834HIGHA CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker to execute arbitrary code on the targeted syEPSS 0.9%CVE-2022-0221MEDIUMA CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when openiEPSS 0.9%CVE-2023-25547HIGH
A CWE-863: Incorrect Authorization vulnerability exists that could allow remote code execution
on upload and install packages when a hackerEPSS 0.9%CVE-2025-5743HIGHCWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
vulnerability exists that could cause remEPSS 0.9%CVE-2022-30235HIGHA CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow unauthorized access when an attacEPSS 0.9%CVE-2022-30238HIGHA CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacksEPSS 0.9%CVE-2024-5560MEDIUMCWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the
device’s web interface when an attacker sends a sEPSS 0.9%