Vulnerabilities > Schneider Electric > Ecostruxure Control Expert > 15.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-18 | CVE-2023-1548 | Improper Privilege Management vulnerability in Schneider-Electric Ecostruxure Control Expert 15.1 A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. | 5.5 |
2023-04-18 | CVE-2023-27976 | Exposure of Resource to Wrong Sphere vulnerability in Schneider-Electric Ecostruxure Control Expert 15.1 A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. | 8.8 |
2022-04-14 | CVE-2022-26507 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. | 9.8 |