Filtered by vendor Schneider-electric
Subscriptions
Filtered by product Ecostruxure Control Expert
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-28212 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2024-11-21 | 9.8 Critical |
| A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus. | ||||
| CVE-2020-28211 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2024-11-21 | 7.8 High |
| A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause bypass of authentication when overwriting memory using a debugger. | ||||
| CVE-2019-6855 | 1 Schneider-electric | 44 Ecostruxure Control Expert, Modicon M340 Bmxp341000, Modicon M340 Bmxp341000 Firmware and 41 more | 2024-11-21 | 7.3 High |
| Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers. | ||||