Known Vulnerabilities for products from Schneider Electric

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Schneider Electric".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Additional devices specifications by Schneider Electric can be found at device.report : Schneider Electric

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2020-7523 Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for ... 7.8 - HIGH 2020-08-31 2021-06-04
CVE-2018-7238 A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware v... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7237 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.1 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7236 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 8.1 - HIGH 2018-03-09 2022-02-02
CVE-2018-7235 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 7.5 - HIGH 2018-03-09 2022-02-02
CVE-2018-7234 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 7.5 - HIGH 2018-03-09 2022-02-02
CVE-2018-7233 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7232 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7231 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7230 A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component of the Schneider Electric's... 8.8 - HIGH 2018-03-09 2022-02-02
CVE-2018-7229 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7228 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 9.8 - CRITICAL 2018-03-09 2022-02-02
CVE-2018-7227 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could... 5.3 - MEDIUM 2018-03-09 2022-02-02
CVE-2017-9631 A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 a... 7.5 - HIGH 2017-07-07 2023-02-01
CVE-2017-9629 A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.... 9.8 - CRITICAL 2017-07-07 2023-02-02
CVE-2017-9627 An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.42... 8.6 - HIGH 2017-07-07 2023-02-01
CVE-2017-7689 A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. 9.8 - CRITICAL 2017-04-11 2022-02-02
CVE-2017-5178 An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versio... 9.8 - CRITICAL 2017-03-08 2021-06-04
CVE-2017-5160 An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5... 5.3 - MEDIUM 2017-04-20 2021-08-31
CVE-2017-5158 An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and pri... 9.8 - CRITICAL 2017-04-20 2021-09-09
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Schneider Electric

Type Vendor Product Version
ApplicationSchneider ElectricIndusoft Web Studio7.1
HardwareSchneider ElectricSage 1410-
HardwareSchneider ElectricSage 1430-
HardwareSchneider ElectricSage 1450-
HardwareSchneider ElectricSage 2300-
HardwareSchneider ElectricSage 2400-
HardwareSchneider ElectricSage 3030m-
HardwareSchneider ElectricSage Landac Ii-2-
HardwareSchneider ElectricStruxureware Building Operations Automation Server As-
Operating
System		Schneider ElectricStruxureware Building Operations Automation Server As Firmware1.7
HardwareSchneider ElectricStruxureware Building Operations Automation Server As-p-
Operating
System		Schneider ElectricStruxureware Building Operations Automation Server As-p Firmware1.7
Operating
System		Schneider ElectricTelvent Rtu Firmwarec3413-500-001d3
ApplicationSchneider ElectricU.motion1.3.4
ApplicationSchneider ElectricWonderware Archestra Logger2017.426.2307.1
ApplicationSchneider ElectricWonderware Intouch 20147.1