Search
Search Results (16 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-9650 | 1 Schneider Electric | 2 Easylogic T150 (formerly Saitel Dr) Remote Terminal Unit & Controller, Saitel Dp Remote Terminal Unit & Controller | 2026-06-26 | N/A |
| CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files. With this credential an attacker could subsequently compromise the device if they have physical access to the device. | ||||
| CVE-2026-9651 | 1 Schneider Electric | 2 Easylogic T150 (formerly Saitel Dr) Remote Terminal Unit & Controller, Saitel Dp Remote Terminal Unit & Controller | 2026-06-26 | N/A |
| CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files. | ||||
| CVE-2024-9005 | 1 Schneider Electric | 1 Ecostruxure Power Monitoring Expert | 2026-04-15 | N/A |
| CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server. | ||||
| CVE-2024-8884 | 1 Schneider Electric | 1 System Monitor Application In Harmony Industrial Pc Hmibmo Hmibmi Hmipso Hmibmp Hmibmu Hmipsp Hmipep Series | 2026-04-15 | 9.8 Critical |
| CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause exposure of credentials when attacker has access to application on network over http | ||||
| CVE-2014-5399 | 2 Invensys, Schneider Electric | 2 Wonderware Information Server, Wonderware Information Server Portal | 2025-11-01 | N/A |
| SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-5398 | 2 Invensys, Schneider Electric | 2 Wonderware Information Server, Wonderware Information Server Portal | 2025-11-01 | N/A |
| Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | ||||
| CVE-2014-5397 | 2 Invensys, Schneider Electric | 2 Wonderware Information Server, Wonderware Information Server Portal | 2025-11-01 | N/A |
| Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-2381 | 2 Invensys, Schneider Electric | 2 Wonderware Information Server, Wonderware Information Server Portal | 2025-11-01 | N/A |
| Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. | ||||
| CVE-2014-2380 | 2 Invensys, Schneider Electric | 2 Wonderware Information Server, Wonderware Information Server Portal | 2025-11-01 | N/A |
| Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file. | ||||
| CVE-2024-5681 | 2 Schneider-electric, Schneider Electric | 2 Ecostruxure Foxboro Dcs Control Core Services, Ecostruxure Foxboro Dcs Core Control Services | 2025-08-27 | 7.8 High |
| CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | ||||
| CVE-2014-9188 | 1 Schneider Electric | 1 Proclima | 2025-07-24 | N/A |
| Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on details provided by researchers. | ||||
| CVE-2017-5157 | 2 Schneider-electric, Schneider Electric | 2 Homelynk Controller Lss100100, Homelynk Controller Lss100100 Firmware | 2025-04-20 | N/A |
| An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. The homeLYnk controller is susceptible to a cross-site scripting attack. User inputs can be manipulated to cause execution of JavaScript code. | ||||
| CVE-2014-8514 | 1 Schneider Electric | 1 Proclima | 2025-04-12 | N/A |
| Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers. | ||||
| CVE-2014-8512 | 1 Schneider Electric | 1 Proclima | 2025-04-12 | N/A |
| Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8511. NOTE: this may be clarified later based on details provided by researchers. | ||||
| CVE-2014-8513 | 1 Schneider Electric | 1 Proclima | 2025-04-12 | N/A |
| Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8514 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers. | ||||
| CVE-2013-0662 | 2 Schneider-electric, Schneider Electric | 13 Concept, Modbus Serial Driver, Modbuscommdtm Sl and 10 more | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header. | ||||
Page 1 of 1.