Vulnerabilities > Schneider Electric > Guicon > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-22807 | Out-of-bounds Write vulnerability in Schneider-Electric Guicon 2.0 A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a malicious *.gd1 configuration file is loaded into the GUIcon tool. | 6.8 |
| 2022-01-28 | CVE-2021-22808 | Use After Free vulnerability in Schneider-Electric Guicon 2.0 A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a malicious *.gd1 configuration file is loaded into the GUIcon tool. | 6.8 |
| 2022-01-28 | CVE-2021-22809 | Out-of-bounds Read vulnerability in Schneider-Electric Guicon 2.0 A CWE-125:Out-of-Bounds Read vulnerability exists that could cause unintended data disclosure when a malicious *.gd1 configuration file is loaded into the GUIcon tool. | 4.3 |
| 2019-02-06 | CVE-2018-7815 | Incorrect Type Conversion or Cast vulnerability in Schneider-Electric Guicon 2.0 A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file | 6.8 |
| 2019-02-06 | CVE-2018-7814 | Out-of-bounds Write vulnerability in Schneider-Electric Guicon 2.0 A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file | 6.8 |
| 2019-02-06 | CVE-2018-7813 | Incorrect Type Conversion or Cast vulnerability in Schneider-Electric Guicon 2.0 A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file | 6.8 |