Known Vulnerabilities for products from Schneider Electric

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Schneider Electric".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Additional devices specifications by Schneider Electric can be found at device.report : Schneider Electric

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2020-7523 json Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for ... 7.8 - HIGH 2020-08-31 2021-06-04
CVE-2018-7238 json A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware v... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7237 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.1 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7236 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 8.1 - HIGH 2018-03-09 2022-02-02
CVE-2018-7235 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 7.5 - HIGH 2018-03-09 2022-02-02
CVE-2018-7234 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 7.5 - HIGH 2018-03-09 2022-02-02
CVE-2018-7233 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7232 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7231 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7230 json A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component of the Schneider Electric's... 8.8 - HIGH 2018-03-09 2022-02-02
CVE-2018-7229 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7228 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7227 json A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 5.3 - MEDIUM 2018-03-09 2022-02-02
CVE-2017-9631 json A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 a... 7.5 - HIGH 2017-07-07 2023-02-01
CVE-2017-9629 json A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.... 9.8 - CRITICAL 2017-07-07 2023-02-02
CVE-2017-9627 json An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.42... 8.6 - HIGH 2017-07-07 2023-02-01
CVE-2017-7689 json A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. 9.8 - CRITICAL 2017-04-11 2022-02-02
CVE-2017-5178 json An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versio... 9.8 - CRITICAL 2017-03-08 2021-06-04
CVE-2017-5160 json An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5... 5.3 - MEDIUM 2017-04-20 2021-08-31
CVE-2017-5158 json An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and pri... 9.8 - CRITICAL 2017-04-20 2021-09-09
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Schneider Electric

Type Vendor Product Version
ApplicationSchneider ElectricIndusoft Web Studio7.1
HardwareSchneider ElectricSage 1410-
HardwareSchneider ElectricSage 1430-
HardwareSchneider ElectricSage 1450-
HardwareSchneider ElectricSage 2300-
HardwareSchneider ElectricSage 2400-
HardwareSchneider ElectricSage 3030m-
HardwareSchneider ElectricSage Landac Ii-2-
HardwareSchneider ElectricStruxureware Building Operations Automation Server As-
HardwareSchneider ElectricStruxureware Building Operations Automation Server As-p-
Operating
System		Schneider ElectricStruxureware Building Operations Automation Server As-p Firmware1.7
Operating
System		Schneider ElectricStruxureware Building Operations Automation Server As Firmware1.7
Operating
System		Schneider ElectricTelvent Rtu Firmwarec3413-500-001d3
ApplicationSchneider ElectricU.motion1.3.4
ApplicationSchneider ElectricWonderware Archestra Logger2017.426.2307.1
ApplicationSchneider ElectricWonderware Intouch 20147.1