Vulnerabilities > Schneider Electric > Ecostruxure Process Expert > 2021

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-14	CVE-2023-27975	Unspecified vulnerability in Schneider-Electric products CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering workstation. local low complexity schneider-electric	7.1
2024-02-14	CVE-2023-6408	Unspecified vulnerability in Schneider-Electric products CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack. network high complexity schneider-electric	8.1
2024-02-14	CVE-2023-6409	Unspecified vulnerability in Schneider-Electric products CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to a project file protected with application password when opening the file with EcoStruxure Control Expert. local low complexity schneider-electric	7.7

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.