Vulnerabilities > Schneider Electric > Ecostruxure IT Gateway
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-10575 | Unspecified vulnerability in Schneider-Electric Ecostruxure IT Gateway CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices. | 9.8 |
| 2024-06-12 | CVE-2024-0865 | Unspecified vulnerability in Schneider-Electric Ecostruxure IT Gateway CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user. | 7.8 |
| 2020-05-14 | CVE-2020-10626 | Uncontrolled Search Path Element vulnerability in multiple products In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code. | 7.8 |