Vulnerabilities > Schneider Electric > Ecostruxure Process Expert > 2021

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-30	CVE-2022-45788	Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. network low complexity schneider-electric CWE-754 critical	9.8
2022-04-14	CVE-2022-26507	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. network low complexity att schneider-electric CWE-787 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.