Vulnerabilities > Schneider Electric
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-13 | CVE-2017-5157 | Cross-site Scripting vulnerability in Schneider Electric Homelynk Controller Lss100100 Firmware 1.3.0 An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. | 6.1 |
| 2017-02-13 | CVE-2017-5155 | Insecure Default Initialization of Resource vulnerability in Schneider-Electric Wonderware Historian 2014R2Sp1P01 An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. | 7.3 |
| 2017-02-13 | CVE-2016-8374 | Resource Exhaustion vulnerability in Schneider-Electric products An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). | 7.5 |
| 2017-02-13 | CVE-2016-8367 | Resource Exhaustion vulnerability in Schneider-Electric products An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). | 5.3 |
| 2017-02-13 | CVE-2016-8354 | Code Injection vulnerability in Schneider-Electric Unity PRO 11.0/6.0/7.0 An issue was discovered in Schneider Electric Unity PRO prior to V11.1. | 7.0 |
| 2017-02-13 | CVE-2016-8352 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Connexium Firmware An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions. | 10.0 |
| 2017-02-13 | CVE-2016-5818 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Powerlogic Pm8Ecc Firmware 2.651 An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. | 9.8 |
| 2017-02-13 | CVE-2016-5815 | Improper Access Control vulnerability in Schneider-Electric products An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. | 9.8 |
| 2017-02-13 | CVE-2016-5809 | Cross-Site Request Forgery (CSRF) vulnerability in Schneider-Electric products An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. | 8.8 |
| 2016-07-15 | CVE-2016-4529 | Unspecified vulnerability in Schneider-Electric Somachine Hvac Firmware 2.0.2 An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag. | 7.3 |