Vulnerabilities > Schneider Electric > C BUS Toolkit
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-04 | CVE-2023-5402 | Improper Privilege Management vulnerability in Schneider-Electric C-Bus Toolkit A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network. | 9.8 |
| 2022-02-11 | CVE-2021-22748 | Path Traversal vulnerability in Schneider-Electric C-Bus Toolkit 1.15.8/1.15.9 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. | 6.5 |
| 2021-07-21 | CVE-2021-22784 | Missing Authentication for Critical Function vulnerability in Schneider-Electric C-Bus Toolkit 1.15.8 A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system. | 3.5 |
| 2021-04-13 | CVE-2021-22720 | Path Traversal vulnerability in Schneider-Electric C-Bus Toolkit A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project. | 6.5 |
| 2021-04-13 | CVE-2021-22719 | Path Traversal vulnerability in Schneider-Electric C-Bus Toolkit A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded. | 6.5 |
| 2021-04-13 | CVE-2021-22718 | Path Traversal vulnerability in Schneider-Electric C-Bus Toolkit A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files. | 6.8 |
| 2021-04-13 | CVE-2021-22717 | Path Traversal vulnerability in Schneider-Electric C-Bus Toolkit A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files. | 6.5 |
| 2021-04-13 | CVE-2021-22716 | Incorrect Permission Assignment for Critical Resource vulnerability in Schneider-Electric C-Bus Toolkit A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. | 7.8 |