| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption. |
| Schneider Electric Trio J-Series License Free Ethernet Radio with firmware 3.6.0 through 3.6.3 uses the same AES encryption key across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. |
| Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
| The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions via crafted configuration data. |
|
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that
could cause an interpretation of malicious payload data, potentially leading to remote code
execution when an attacker gets the user to open a malicious file.
|
|
A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker
with a local privileged account to place a specially crafted file on the target machine, which may
give the attacker the ability to execute arbitrary code during the installation process initiated by a
valid user. Affected Products: Easergy Builder Installer (1.7.23 and prior) |
|
A CWE-863: Incorrect Authorization vulnerability exists that could allow access to device
credentials on specific DCE endpoints not being properly secured when a hacker is using a low
privileged user.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
|
A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized
content, changes or deleting of content, or performing unauthorized functions when tampering
the Device File Transfer settings on DCE endpoints.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
|
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
allows for remote code execution when using a parameter of the DCE network settings
endpoint.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
|
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update
Service that could allow a local attacker to change update source, potentially leading to remote
code execution when the attacker force an update containing malicious content.
|
|
A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote
code execution when the transfer command is used over the network.
|
|
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path
Traversal') vulnerability exists that could cause tampering of files on the personal computer
running C-Bus when using the File Command.
|
|
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker to
execute arbitrary code on the targeted system by sending a specifically crafted packet to the
application.
|
|
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site
Scripting') vulnerability exists on a DCE file upload endpoint when tampering with parameters
over HTTP.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
|
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
allows remote code execution via the “hostname” parameter when maliciously crafted hostname
syntax is entered.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
|
A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS
Command Injection') vulnerability exists that allows a local privilege escalation on the appliance
when a maliciously crafted Operating System command is entered on the device.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
|
A CWE-863: Incorrect Authorization vulnerability exists that could allow remote code execution
on upload and install packages when a hacker is using a low privileged user account. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
|
A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS
Command Injection') vulnerability exists that could allow a user that knows the credentials to
execute unprivileged shell commands on the appliance over SSH.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
|
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site
Scripting') vulnerability exists on a DCE endpoint through the logging capabilities of the
webserver.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
|
