Vulnerabilidades em Schneider Electric
297 resultadosCVE-2017-6030MEDIUMSchneider Electric Modicon PLCs Predictable Value Range from Previous ValuesEPSS 2.1%CVE-2022-2329CRITICALA CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service andEPSS 2.1%CVE-2021-22794CRITICALA CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code exEPSS 2.1%CVE-2014-9197—Schneider Electric ETG3000 FactoryCast HMI Gateway Missing Authentication for Critical FunctionEPSS 2.0%CVE-2014-5399—Schneider Electric Wonderware SQL InjectionEPSS 1.6%CVE-2014-5412—Schneider Electric SCADA Expert ClearSCADA Improper AuthenticationEPSS 1.6%CVE-2014-5397—Schneider Electric Wonderware Cross-site ScriptingEPSS 1.5%CVE-2014-0779—Schneider Electric StruxureWare SCADA Expert ClearSCADA Improper Restriction of Operations within the Bounds of a Memory BufferEPSS 1.5%CVE-2022-45789HIGHA CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the cEPSS 1.4%CVE-2019-6852HIGHA CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium coEPSS 1.4%CVE-2023-29411CRITICAL
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow
changes to administrative credentials, leadinEPSS 1.3%CVE-2022-34756HIGHA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs EPSS 1.3%CVE-2014-5411—Schneider Electric SCADA Expert ClearSCADA Cross-site ScriptingEPSS 1.3%CVE-2022-32525CRITICALA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leadiEPSS 1.3%CVE-2022-32527CRITICALA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leadiEPSS 1.3%CVE-2022-32523CRITICALA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leadiEPSS 1.3%CVE-2022-32529CRITICALA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leadiEPSS 1.3%CVE-2022-32526CRITICALA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leadiEPSS 1.3%CVE-2022-32524CRITICALA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leadiEPSS 1.3%CVE-2023-29412CRITICALCWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command
Injection') vulnerability exists that could cause remEPSS 1.2%