Vulnerabilities > Schneider Electric > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-03 | CVE-2018-7785 | Command Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authentication bypass. | 9.8 |
| 2018-07-03 | CVE-2018-7784 | Improper Input Validation vulnerability in Schneider-Electric U.Motion In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. | 9.8 |
| 2018-07-03 | CVE-2018-7780 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric products In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, a buffer overflow vulnerability exist in cgi program "set". | 9.8 |
| 2018-07-03 | CVE-2018-7778 | Missing Authentication for Critical Function vulnerability in Schneider-Electric Evlink Charging Station Firmware In Schneider Electric Evlink Charging Station versions prior to v3.2.0-12_v1, the Web Interface has an issue that may allow a remote attacker to gain administrative privileges without properly authenticating remote users. | 9.8 |
| 2018-05-23 | CVE-2018-1126 | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. network low complexity procps-ng-project canonical debian redhat schneider-electric CWE-190 critical | 9.8 |
| 2018-04-18 | CVE-2018-7761 | Improper Input Validation vulnerability in Schneider-Electric products A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. | 9.8 |
| 2018-04-18 | CVE-2018-7760 | Improper Authentication vulnerability in Schneider-Electric products An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. | 9.8 |
| 2018-04-18 | CVE-2018-7246 | Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 9.8 |
| 2018-04-18 | CVE-2018-7245 | Incorrect Authorization vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 9.1 |
| 2018-04-18 | CVE-2018-7243 | Unspecified vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 9.8 |