Filtered by vendor Schneider-electric
Subscriptions
Filtered by product Ecostruxure Control Expert
Subscriptions
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-24322 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2024-08-03 | 5.3 Medium |
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Control Expert (V15.0 SP1 and prior) | ||||
CVE-2023-27976 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2024-08-02 | 8.8 High |
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected Products: EcoStruxure Control Expert (V15.1 and above) | ||||
CVE-2023-1548 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2024-08-02 | 5.5 Medium |
A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. Affected Products: EcoStruxure Control Expert (V15.1 and above) |