Vulnerabilities > Schneider Electric
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-18 | CVE-2018-7761 | Improper Input Validation vulnerability in Schneider-Electric products A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. | 9.8 |
| 2018-04-18 | CVE-2018-7760 | Improper Authentication vulnerability in Schneider-Electric products An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. | 9.8 |
| 2018-04-18 | CVE-2018-7759 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric products A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. | 7.5 |
| 2018-04-18 | CVE-2018-7758 | Insufficient Session Expiration vulnerability in Schneider-Electric products A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, MiCOM P540D Range with Legacy Ethernet Board, and MiCOM Px4x Rejuvenated could lose network communication in case of TCP/IP open requests on port 20000 (DNP3oE) if an older TCI/IP session is still open with identical IP address and port number. | 6.5 |
| 2018-04-18 | CVE-2018-7246 | Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 9.8 |
| 2018-04-18 | CVE-2018-7245 | Incorrect Authorization vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 9.1 |
| 2018-04-18 | CVE-2018-7244 | Information Exposure vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 5.3 |
| 2018-04-18 | CVE-2018-7243 | Unspecified vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 9.8 |
| 2018-04-18 | CVE-2018-7242 | Inadequate Encryption Strength vulnerability in Schneider-Electric products Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. | 9.8 |
| 2018-04-18 | CVE-2018-7241 | Use of Hard-coded Credentials vulnerability in Schneider-Electric products Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. | 9.8 |