Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-22820

Summary
Assigner-schneider
Assigner Org ID-076d1eb6-cfab-4401-b34d-6dfc2a413bdb
Published At-28 Jan, 2022 | 19:09
Updated At-03 Aug, 2024 | 18:51
Rejected At-
Credits

A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain an unauthorized access over a hijacked session to the charger station web server even after the legitimate user account holder has changed his password. Affected Products: EVlink City EVC1S22P4 / EVC1S7P4 (All versions prior to R8 V3.4.0.2 ), EVlink Parking EVW2 / EVF2 / EVP2PE (All versions prior to R8 V3.4.0.2), and EVlink Smart Wallbox EVB1A (All versions prior to R8 V3.4.0.2)

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:schneider
Assigner Org ID:076d1eb6-cfab-4401-b34d-6dfc2a413bdb
Published At:28 Jan, 2022 | 19:09
Updated At:03 Aug, 2024 | 18:51
Rejected At:
▼CVE Numbering Authority (CNA)

A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain an unauthorized access over a hijacked session to the charger station web server even after the legitimate user account holder has changed his password. Affected Products: EVlink City EVC1S22P4 / EVC1S7P4 (All versions prior to R8 V3.4.0.2 ), EVlink Parking EVW2 / EVF2 / EVP2PE (All versions prior to R8 V3.4.0.2), and EVlink Smart Wallbox EVB1A (All versions prior to R8 V3.4.0.2)

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-348-02
x_refsource_MISC
Hyperlink: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-348-02
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-348-02
x_refsource_MISC
x_transferred
Hyperlink: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-348-02
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cybersecurity@se.com
Published At:28 Jan, 2022 | 20:15
Updated At:03 Feb, 2022 | 19:12

A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain an unauthorized access over a hijacked session to the charger station web server even after the legitimate user account holder has changed his password. Affected Products: EVlink City EVC1S22P4 / EVC1S7P4 (All versions prior to R8 V3.4.0.2 ), EVlink Parking EVW2 / EVF2 / EVP2PE (All versions prior to R8 V3.4.0.2), and EVlink Smart Wallbox EVB1A (All versions prior to R8 V3.4.0.2)

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Schneider Electric SE
schneider-electric
>>evlink_city_evc1s22p4_firmware>>Versions before 3.4.0.2(exclusive)
cpe:2.3:o:schneider-electric:evlink_city_evc1s22p4_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_city_evc1s22p4>>-
cpe:2.3:h:schneider-electric:evlink_city_evc1s22p4:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_city_evc1s7p4_firmware>>Versions before 3.4.0.2(exclusive)
cpe:2.3:o:schneider-electric:evlink_city_evc1s7p4_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_city_evc1s7p4>>-
cpe:2.3:h:schneider-electric:evlink_city_evc1s7p4:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_parking_evw2_firmware>>Versions before 3.4.0.2(exclusive)
cpe:2.3:o:schneider-electric:evlink_parking_evw2_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_parking_evw2>>-
cpe:2.3:h:schneider-electric:evlink_parking_evw2:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_parking_evf2_firmware>>Versions before 3.4.0.2(exclusive)
cpe:2.3:o:schneider-electric:evlink_parking_evf2_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_parking_evf2>>-
cpe:2.3:h:schneider-electric:evlink_parking_evf2:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_parking_evp2pe_firmware>>Versions before 3.4.0.2(exclusive)
cpe:2.3:o:schneider-electric:evlink_parking_evp2pe_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_parking_evp2pe>>-
cpe:2.3:h:schneider-electric:evlink_parking_evp2pe:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_smart_wallbox_evb1a_firmware>>Versions before 3.4.0.2(exclusive)
cpe:2.3:o:schneider-electric:evlink_smart_wallbox_evb1a_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>evlink_smart_wallbox_evb1a>>-
cpe:2.3:h:schneider-electric:evlink_smart_wallbox_evb1a:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-613Primarynvd@nist.gov
CWE ID: CWE-613
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-348-02cybersecurity@se.com
Patch
Vendor Advisory
Hyperlink: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-348-02
Source: cybersecurity@se.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

193Records found
CVE-2017-6034
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.16% / 37.80%
||
7 Day CHG~0.00%
Published-30 Jun, 2017 | 02:35
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download.

Action-Not Available
Vendor-n/aSchneider Electric SE
Product-modbus_firmwaremodbusSchneider Electric Modicon Modbus Protocol
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-294
Authentication Bypass by Capture-replay
CVE-2017-6028
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 45.71%
||
7 Day CHG~0.00%
Published-30 Jun, 2017 | 02:35
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them susceptible to sniffing. Sniffed credentials could then be used to log into the web application.

Action-Not Available
Vendor-n/aSchneider Electric SE
Product-modicon_m241modicon_m251modicon_m251_firmwaremodicon_m241_firmwareSchneider Electric Modicon PLCs
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-34756
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-8.8||HIGH
EPSS-1.87% / 82.33%
||
7 Day CHG~0.00%
Published-13 Jul, 2022 | 21:10
Updated-17 Sep, 2024 | 04:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI. Affected Products: Easergy P5 (V01.401.102 and prior)

Action-Not Available
Vendor-
Product-easergy_p5_firmwareeasergy_p5Easergy P5
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-5155
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-0.64% / 69.64%
||
7 Day CHG~0.00%
Published-13 Feb, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.

Action-Not Available
Vendor-n/aSchneider Electric SE
Product-wonderware_historianSchneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2022-32529
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-4.42% / 88.59%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-32519
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-8||HIGH
EPSS-0.19% / 41.34%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-data_center_expertData Center Expert
CWE ID-CWE-257
Storing Passwords in a Recoverable Format
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-32514
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.20% / 41.74%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to gain control of the device when logging into a web page. Affected Products: C-Bus Network Automation Controller - LSS5500NAC (Versions prior to V1.10.0), Wiser for C-Bus Automation Controller - LSS5500SHAC (Versions prior to V1.10.0), Clipsal C-Bus Network Automation Controller - 5500NAC (Versions prior to V1.10.0), Clipsal Wiser for C-Bus Automation Controller - 5500SHAC (Versions prior to V1.10.0), SpaceLogic C-Bus Network Automation Controller - 5500NAC2 (Versions prior to V1.10.0), SpaceLogic C-Bus Application Controller - 5500AC2 (Versions prior to V1.10.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-5500ac2_firmware5500shaclss5500nac5500ac2lss5500shaclss5500nac_firmwarelss5500shac_firmware5500nac_firmware5500nac5500nac25500shac_firmware5500nac2_firmwareClipsal C-Bus Network Automation Controller, 5500NACSpaceLogic C-Bus Network Automation Controller, 5500NAC2Clipsal Wiser for C-Bus Automation Controller, 5500SHACWiser for C-Bus Automation Controller, LSS5500SHACSpaceLogic C-Bus Application Controller, 5500AC2C-Bus Network Automation Controller, LSS5500NAC
CWE ID-CWE-287
Improper Authentication
CVE-2022-32513
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.18% / 40.22%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain control of the device when the attacker brute forces the password. Affected Products: C-Bus Network Automation Controller - LSS5500NAC (Versions prior to V1.10.0), Wiser for C-Bus Automation Controller - LSS5500SHAC (Versions prior to V1.10.0), Clipsal C-Bus Network Automation Controller - 5500NAC (Versions prior to V1.10.0), Clipsal Wiser for C-Bus Automation Controller - 5500SHAC (Versions prior to V1.10.0), SpaceLogic C-Bus Network Automation Controller - 5500NAC2 (Versions prior to V1.10.0), SpaceLogic C-Bus Application Controller - 5500AC2 (Versions prior to V1.10.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-5500ac2_firmware5500shaclss5500nac5500ac2lss5500shaclss5500nac_firmwarelss5500shac_firmware5500nac_firmware5500nac5500nac25500shac_firmware5500nac2_firmwareClipsal C-Bus Network Automation Controller, 5500NACSpaceLogic C-Bus Network Automation Controller, 5500NAC2Clipsal Wiser for C-Bus Automation Controller, 5500SHACWiser for C-Bus Automation Controller, LSS5500SHACSpaceLogic C-Bus Application Controller, 5500AC2C-Bus Network Automation Controller, LSS5500NAC
CWE ID-CWE-521
Weak Password Requirements
CVE-2022-32524
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-4.42% / 88.59%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-32518
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-8||HIGH
EPSS-0.16% / 37.70%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32520. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-data_center_expertData Center Expert
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-32526
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-3.61% / 87.32%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-7497
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-1.49% / 80.24%
||
7 Day CHG~0.00%
Published-16 Jun, 2020 | 19:13
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause arbitrary application execution when the computer starts.

Action-Not Available
Vendor-n/a
Product-ecostruxure_operator_terminal_expertEcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-32527
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-3.61% / 87.32%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-32520
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-8||HIGH
EPSS-0.16% / 37.70%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-data_center_expertData Center Expert
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-7485
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.53%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 21:03
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_xpwindows_nttristation_1131TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)
CVE-2022-32523
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-4.42% / 88.59%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted online data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-32522
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-3.78% / 87.61%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-7512
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.79%
||
7 Day CHG~0.00%
Published-16 Jun, 2020 | 19:45
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to exploit the component.

Action-Not Available
Vendor-n/a
Product-easergy_t300easergy_t300_firmwareEasergy T300 (Firmware version 1.5.2 and older)
CWE ID-CWE-1103
Use of Platform-Dependent Third Party Components
CVE-2022-32525
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-3.61% / 87.32%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-7489
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 63.71%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 18:15
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.

Action-Not Available
Vendor-n/a
Product-modicon_m200modicon_m100_firmwaremodicon_m221ecostruxure_machine_expertmodicon_m200_firmwaresomachine_basicmodicon_m221_firmwaremodicon_m100SoMachine Basic (all versions)EcoStruxure Machine Expert – Basic (all versions)Modicon M100 Logic Controller (all versions)Modicon M200 Logic Controller (all versions)Modicon M221 Logic Controller (all versions)
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-7561
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-1.59% / 80.88%
||
7 Day CHG~0.00%
Published-19 Nov, 2020 | 00:00
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause a wide range of problems, including information exposure, denial of service, and command execution when access to a resource from an attacker is not restricted or incorrectly restricted.

Action-Not Available
Vendor-n/a
Product-easergy_t300easergy_t300_firmwareEasergy T300 with firmware 2.7 and older
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-7540
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.66%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 00:52
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.

Action-Not Available
Vendor-n/a
Product-140noc78100140cpu65150140noc78000_firmwaretsxp575634_firmware140noc78000bmxnoe0110_firmware140cpu65160_firmwaretsxp574634modicon_m340_bmxp3420102clmodicon_m340_bmxp3420302_firmwarebmxnor200h_firmware140noc78100_firmwaremodicon_m340_bmxp342000140cpu65160modicon_m340_bmxp3420302cl_firmwaremodicon_m340_bmxp341000140noe77111_firmwaremodicon_m340_bmxp342020_firmware140noc77101_firmwaremodicon_m340_bmxp3420102_firmware140noc77101bmxnoe0110140noe77101tsxety5103_firmwaremodicon_m340_bmxp3420102cl_firmwaretsxety5103tsxp574634_firmwarebmxnoc0401_firmware140noe77111modicon_m340_bmxp3420302clmodicon_m340_bmxp3420302140noe77101_firmwaremodicon_m340_bmxp342020bmxnoe0100_firmwaretsxp576634modicon_m340_bmxp341000_firmwaretsxety4103_firmwarebmxnor200htsxp576634_firmwarebmxnoc0401modicon_m340_bmxp342000_firmwarebmxnoe0100140cpu65150_firmwaremodicon_m340_bmxp3420102tsxety4103tsxp575634Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-7475
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.64%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 18:56
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20), Modicon M580 (all versions prior to V3.10), which, if exploited, could allow attackers to transfer malicious code to the controller.

Action-Not Available
Vendor-n/a
Product-ecostruxure_control_expertmodicon_m580_firmwareunity_promodicon_m340modicon_m340_firmwaremodicon_m580EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20), Modicon M580 (all versions prior to V3.10)
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-7480
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.64%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 19:24
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data.

Action-Not Available
Vendor-n/a
Product-andover_continuum_9941_firmwareandover_continuum_5720_firmwareandover_continuum_9924andover_continuum_9900_firmwareandover_continuum_5740_firmwareandover_continuum_9940andover_continuum_bcx9640andover_continuum_9702andover_continuum_9900andover_continuum_9924_firmwareandover_continuum_9680andover_continuum_9702_firmwareandover_continuum_9941andover_continuum_bcx9640_firmwareandover_continuum_9940_firmwareandover_continuum_5740andover_continuum_9200_firmwareandover_continuum_bcx4040_firmwareandover_continuum_bcx4040andover_continuum_9200andover_continuum_9680_firmwareandover_continuum_5720Andover Continuum (All versions)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-29411
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-5.99% / 90.32%
||
7 Day CHG~0.00%
Published-18 Apr, 2023 | 20:49
Updated-05 Feb, 2025 | 21:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface.

Action-Not Available
Vendor-Microsoft CorporationSchneider Electric SE
Product-windows_server_2016apc_easy_ups_online_monitoring_softwareeasy_ups_online_monitoring_softwarewindows_11windows_10windows_server_2022windows_server_2019Schneider Electric Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2023-25550
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-7.2||HIGH
EPSS-2.76% / 85.43%
||
7 Day CHG~0.00%
Published-18 Apr, 2023 | 20:36
Updated-12 Feb, 2025 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that allows remote code execution via the “hostname” parameter when maliciously crafted hostname syntax is entered. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Action-Not Available
Vendor-Schneider Electric SE
Product-struxureware_data_center_expertStruxureWare Data Center Expert
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-7522
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.73% / 71.80%
||
7 Day CHG~0.00%
Published-31 Aug, 2020 | 16:10
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `SoundUploadServlet` which may lead to uploading executable files to non-specified directories.

Action-Not Available
Vendor-n/a
Product-apc_easy_ups_online_softwareSFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-7508
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.83%
||
7 Day CHG~0.00%
Published-16 Jun, 2020 | 19:44
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force.

Action-Not Available
Vendor-n/a
Product-easergy_t300easergy_t300_firmwareEasergy T300 (Firmware version 1.5.2 and older)
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2023-29412
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-4.67% / 88.89%
||
7 Day CHG~0.00%
Published-18 Apr, 2023 | 20:50
Updated-05 Feb, 2025 | 21:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI interface.

Action-Not Available
Vendor-Microsoft CorporationSchneider Electric SE
Product-windows_server_2016apc_easy_ups_online_monitoring_softwareeasy_ups_online_monitoring_softwarewindows_11windows_10windows_server_2022windows_server_2019Schneider Electric Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-30235
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-8.6||HIGH
EPSS-0.34% / 55.81%
||
7 Day CHG~0.00%
Published-02 Jun, 2022 | 22:45
Updated-16 Sep, 2024 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow unauthorized access when an attacker uses brute force. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior)

Action-Not Available
Vendor-
Product-wiser_smart_eer21000wiser_smart_eer21001_firmwarewiser_smart_eer21000_firmwarewiser_smart_eer21001Wiser Smart
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2022-30234
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.4||CRITICAL
EPSS-0.47% / 63.56%
||
7 Day CHG~0.00%
Published-02 Jun, 2022 | 22:45
Updated-16 Sep, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior)

Action-Not Available
Vendor-
Product-wiser_smart_eer21000wiser_smart_eer21001_firmwarewiser_smart_eer21000_firmwarewiser_smart_eer21001Wiser Smart
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-25549
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-7.2||HIGH
EPSS-2.76% / 85.43%
||
7 Day CHG~0.00%
Published-18 Apr, 2023 | 20:35
Updated-03 Mar, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that allows for remote code execution when using a parameter of the DCE network settings endpoint. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Action-Not Available
Vendor-Schneider Electric SE
Product-struxureware_data_center_expertStruxureWare Data Center Expert
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-30238
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-8.3||HIGH
EPSS-0.26% / 48.89%
||
7 Day CHG~0.00%
Published-02 Jun, 2022 | 22:45
Updated-17 Sep, 2024 | 03:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacks a session. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior)

Action-Not Available
Vendor-
Product-wiser_smart_eer21000wiser_smart_eer21001_firmwarewiser_smart_eer21000_firmwarewiser_smart_eer21001Wiser Smart
CWE ID-CWE-287
Improper Authentication
CVE-2022-24311
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-3.70% / 87.48%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by inserting at beginning of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

Action-Not Available
Vendor-n/a
Product-interactive_graphical_scada_system_data_serverInteractive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-24324
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-2.32% / 84.15%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 00:00
Updated-05 Feb, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22073)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24312
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-1.75% / 81.80%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

Action-Not Available
Vendor-n/a
Product-interactive_graphical_scada_system_data_serverInteractive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-2329
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-3.09% / 86.26%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 00:00
Updated-05 Feb, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22073)

Action-Not Available
Vendor-Schneider Electric SE
Product-interactive_graphical_scada_systemIGSS Data Server (IGSSdataServer.exe)
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-22731
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 45.63%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in a function that could allow an attacker to create or overwrite critical files that are used to execute code, such as programs or libraries and cause path traversal attacks. Affected Products: EcoStruxure Power Commission (Versions prior to V2.22)

Action-Not Available
Vendor-Schneider Electric SE
Product-ecostruxure_power_commissionEcoStruxure Power Commission
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-22806
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 45.29%
||
7 Day CHG~0.00%
Published-09 Mar, 2022 | 19:30
Updated-03 Aug, 2024 | 03:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)

Action-Not Available
Vendor-
Product-scl_series_1036_upssmc_series_1018_ups_firmwaresmtl_series_1026_upsscl_series_1029_ups_firmwaresmt_series_1015_upssmtl_series_1026_ups_firmwarescl_series_1030_ups_firmwaresmt_series_1015_ups_firmwaresmx_series_1031_ups_firmwaresmx_series_1031_upsscl_series_1037_ups_firmwarescl_series_1037_upsscl_series_1036_ups_firmwaresmc_series_1018_upsscl_series_1030_upsscl_series_1029_upsSmartConnect
CWE ID-CWE-294
Authentication Bypass by Capture-replay
CVE-2020-28212
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-1.40% / 79.62%
||
7 Day CHG~0.00%
Published-19 Nov, 2020 | 21:03
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus.

Action-Not Available
Vendor-n/a
Product-ecostruxure_control_expertPLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2020-28221
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.06%
||
7 Day CHG~0.00%
Published-25 Jan, 2021 | 17:08
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.

Action-Not Available
Vendor-n/a
Product-st-6400wasp-5600tpsp-5700wcst-6700wahmist6400pro-face_bluehmi_sto_501hmist6200hmi_sto_512st-6500wahmig3xsp-5800wcst-6200wast-6600wasp-5b10hmi_sto_511hmi_sto_531hmist6700hmist6500gp-4105gsp-5600wagp-4106ghmig5u2ecostruxure_operator_terminal_expertgp-4106wsp-5660tphmig5usp-5400wagp-4105whmi_sto_532gp-4107wgp-4104gsp-5b00sp-5500tphmist6600sp-5500wahmig3usp-5700tpsp-5b41gp-4107gsp-5600tagp-4104wEcoStruxure™ Operator Terminal Expert 3.1 Service Pack 1A and prior running on Harmony HMIs HMIST6 Series, HMIG3U in HMIGTU Series, HMISTO Series and Pro-face BLUE 3.1 Service Pack 1A and prior running on Pro-face HMIs: ST6000 Series, SP-5B41 in SP5000 Series, GP4100 Series
CWE ID-CWE-20
Improper Input Validation
CVE-2022-0223
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 45.67%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow an attacker to create or overwrite critical files that are used to execute code, such as programs or libraries and cause unauthenticated code execution. Affected Products: EcoStruxure Power Commission (Versions prior to V2.22)

Action-Not Available
Vendor-Schneider Electric SE
Product-ecostruxure_power_commissionEcoStruxure Power Commission
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-26507
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.70% / 90.86%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 12:04
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-attn/a
Product-ecostruxure_process_expertecostruxure_control_expertremoteconnectxmillscadapack_470scadapack_570scadapack_574scadapack_575scadapack_474n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-25176
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.1||CRITICAL
EPSS-2.61% / 85.07%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 18:00
Updated-16 Apr, 2025 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ISaGRAF5 Runtime Relative Path Traversal

Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution.

Action-Not Available
Vendor-xylemRockwell Automation, Inc.
Product-micro850saitel_dpmultismart_firmwareisagraf_runtimeeasergy_t300epas_gtwmicro820pacis_gtw_firmwaremicro830micro830_firmwaremicro870_firmwaremicro820_firmwaremicro870easergy_c5_firmwaresaitel_drmicro850_firmwarepacis_gtwsaitel_dr_firmwarecp-3saitel_dp_firmwareisagraf_free_runtimeepas_gtw_firmwareeasergy_c5micom_c264mc-31aadvance_controllermicom_c264_firmwarescd2200_firmwareeasergy_t300_firmwaremicro810micro810_firmwareISaGRAF Runtime
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-24313
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-4.71% / 88.94%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

Action-Not Available
Vendor-n/a
Product-interactive_graphical_scada_system_data_serverInteractive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24310
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-1.64% / 81.19%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

Action-Not Available
Vendor-n/a
Product-interactive_graphical_scada_system_data_serverInteractive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-22813
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.35%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 03:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the TLS cryptographic key and take active control of the Courier tunneling communication network, they could potentially observe and manipulate traffic associated with product configuration.

Action-Not Available
Vendor-n/a
Product-easergy_p746_firmwareeasergy_p742easergy_p849easergy_p441easergy_p142_firmwareeasergy_p546easergy_p543easergy_p541easergy_p143_firmwareeasergy_p141easergy_p342easergy_p542easergy_p241_firmwareeasergy_p545_firmwareeasergy_p243_firmwareeasergy_p446easergy_p741easergy_p642easergy_p541_firmwareeasergy_p342_firmwareeasergy_p645easergy_p345_firmwareeasergy_p743easergy_p145easergy_p343_firmwareeasergy_p849_firmwareeasergy_p643_firmwareeasergy_p242_firmwareeasergy_p545easergy_p344easergy_p142easergy_p442easergy_p544easergy_p143easergy_p441_firmwareeasergy_p743_firmwareeasergy_p542_firmwareeasergy_p645_firmwareeasergy_p242easergy_p841easergy_p343easergy_p543_firmwareeasergy_p443_firmwareeasergy_p446_firmwareeasergy_p445_firmwareeasergy_p341_firmwareeasergy_p742_firmwareeasergy_p444_firmwareeasergy_p445easergy_p444easergy_p642_firmwareeasergy_p341easergy_p544_firmwareeasergy_p442_firmwareeasergy_p741_firmwareeasergy_p141_firmwareeasergy_p841_firmwareeasergy_p241easergy_p344_firmwareeasergy_p746easergy_p643easergy_p546_firmwareeasergy_p145_firmwareeasergy_p443easergy_p345easergy_p243Easergy P40 Series model numbers with Ethernet option bit as Q, R, S (All PX4X firmware Versions)
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-22805
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-8.20% / 91.85%
||
7 Day CHG~0.00%
Published-09 Mar, 2022 | 19:30
Updated-03 Aug, 2024 | 03:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)

Action-Not Available
Vendor-
Product-scl_series_1036_upssmc_series_1018_ups_firmwaresmtl_series_1026_upsscl_series_1029_ups_firmwaresmt_series_1015_upssmtl_series_1026_ups_firmwarescl_series_1030_ups_firmwaresmt_series_1015_ups_firmwaresmx_series_1031_ups_firmwaresmx_series_1031_upsscl_series_1037_ups_firmwarescl_series_1037_upsscl_series_1036_ups_firmwaresmc_series_1018_upsscl_series_1030_upsscl_series_1029_upsSmartConnect
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-22810
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.94%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 03:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to manipulate the admin after numerous attempts at guessing credentials. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)

Action-Not Available
Vendor-n/a
Product-fellerlynkwiser_for_knxspacelynkwiser_for_knx_firmwarefellerlynk_firmwarespacelynk_firmwarespaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2019-6808
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-3.84% / 87.70%
||
7 Day CHG~0.00%
Published-22 May, 2019 | 20:05
Updated-04 Aug, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus.

Action-Not Available
Vendor-n/a
Product-modicon_quantummodicon_quantum_firmwaremodicon_m580_firmwaremodicon_premium_firmwaremodicon_premiummodicon_m340modicon_m340_firmwaremodicon_m580Modicon M580 Modicon M340 Modicon Quantum Modicon Premium
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found