Vulnerabilities > Schneider Electric
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-9629 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Wonderware Archestra Logger 2017.426.2307.1 A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. | 9.8 |
| 2017-07-07 | CVE-2017-9627 | Resource Exhaustion vulnerability in Schneider-Electric Wonderware Archestra Logger 2017.426.2307.1 An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. | 8.6 |
| 2017-06-30 | CVE-2017-6034 | Improper Authentication vulnerability in Schneider-Electric Modbus Firmware An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. | 9.8 |
| 2017-06-30 | CVE-2017-6032 | Improperly Implemented Security Check for Standard vulnerability in Schneider-Electric Modbus Firmware A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. | 5.3 |
| 2017-06-30 | CVE-2017-6030 | Insufficient Entropy vulnerability in Schneider-Electric products A Predictable Value Range from Previous Values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. | 6.5 |
| 2017-06-30 | CVE-2017-6028 | Insufficiently Protected Credentials vulnerability in Schneider-Electric Modicon M241 Firmware and Modicon M251 Firmware An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. | 9.8 |
| 2017-06-30 | CVE-2017-6026 | Use of Insufficiently Random Values vulnerability in Schneider-Electric Modicon M241 Firmware and Modicon M251 Firmware A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. | 9.1 |
| 2017-06-30 | CVE-2017-6017 | Resource Exhaustion vulnerability in Schneider-Electric products A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. | 7.5 |
| 2017-06-07 | CVE-2017-7966 | Uncontrolled Search Path Element vulnerability in Schneider-Electric Somachine 2.1.0 A DLL Hijacking vulnerability in the programming software in Schneider Electric's SoMachine HVAC v2.1.0 allows a remote attacker to execute arbitrary code on the targeted system. | 8.8 |
| 2017-06-07 | CVE-2017-7965 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Somachine Hvac 2.1.0 A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller. | 7.3 |