Vulnerabilidades en Schneider Electric
302 resultadosCVE-2023-25619HIGH
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that
could cause denial of service of the controller wEPSS 0.6%CVE-2022-34762MEDIUMA CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized EPSS 0.6%CVE-2023-25554HIGH
A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS
Command Injection') vulnerability exists that allows aEPSS 0.6%CVE-2023-27984HIGHA CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to rEPSS 0.6%CVE-2024-11425HIGHCWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the
product when an unauthenticatedEPSS 0.6%CVE-2023-1049HIGH
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
could cause execution of malicious code when EPSS 0.6%CVE-2022-34764MEDIUMA CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service wEPSS 0.6%CVE-2024-8884CRITICALCWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that
could cause exposure of credentials when attacEPSS 0.6%CVE-2023-6032MEDIUM
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulnerability exists that could cause a file systeEPSS 0.6%CVE-2023-25620MEDIUM
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that
could cause denial of service of the controllerEPSS 0.6%CVE-2024-8937HIGHCWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could
cause a potential arbitraryEPSS 0.6%CVE-2023-22610CRITICAL
A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of
Service against the Geo SCADA server when specific messaEPSS 0.6%CVE-2022-0222HIGHA CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the contEPSS 0.6%CVE-2023-22611HIGHA CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specEPSS 0.6%CVE-2014-5398—Schneider Electric Wonderware Input ValidationEPSS 0.6%CVE-2025-54927MEDIUMCWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized acEPSS 0.6%CVE-2023-25548HIGH
A CWE-863: Incorrect Authorization vulnerability exists that could allow access to device
credentials on specific DCE endpoints not being pEPSS 0.5%CVE-2024-8530MEDIUMCWE-306: Missing Authentication for Critical Function vulnerability exists that could
cause exposure of private data when an already generatEPSS 0.5%CVE-2024-10497HIGHCWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an
authorized attacker to modify values outsEPSS 0.5%CVE-2022-32521HIGHA CWE 502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely EPSS 0.5%