Vulnerabilities > Schneider Electric
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2021-22734 | Improper Verification of Cryptographic Signature vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthorized code. | 7.2 |
| 2021-05-26 | CVE-2021-22735 | Improper Verification of Cryptographic Signature vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device. | 7.2 |
| 2021-05-26 | CVE-2021-22736 | Path Traversal vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded. | 7.5 |
| 2021-05-26 | CVE-2021-22737 | Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack. | 9.8 |
| 2021-05-26 | CVE-2021-22738 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack. | 9.8 |
| 2021-05-26 | CVE-2021-22739 | Information Exposure vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a device to be compromised when it is first configured. | 5.9 |
| 2021-05-26 | CVE-2021-22740 | Information Exposure vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause information to be exposed when an unauthorized file is uploaded. | 6.5 |
| 2021-05-26 | CVE-2021-22741 | Use of Password Hash With Insufficient Computational Effort vulnerability in Schneider-Electric products Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA (all versions), EcoStruxure Geo SCADA Expert 2019 (all versions), and EcoStruxure Geo SCADA Expert 2020 (V83.7742.1 and prior), which could cause the revealing of account credentials when server database files are available. | 6.7 |
| 2021-05-26 | CVE-2021-22742 | Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. | 3.9 |
| 2021-05-26 | CVE-2021-22743 | Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TCM 4351B installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. | 3.9 |