Vulnerabilities > Schneider Electric > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-06 | CVE-2017-7574 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Modicon Tm221Ce16R Firmware and Somachine Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. | 9.8 |
| 2017-03-08 | CVE-2017-5178 | Insecure Default Initialization of Resource vulnerability in Schneider-Electric products An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. | 9.8 |
| 2017-02-13 | CVE-2016-8352 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Connexium Firmware An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions. | 10.0 |
| 2017-02-13 | CVE-2016-5818 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Powerlogic Pm8Ecc Firmware 2.651 An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. | 9.8 |
| 2017-02-13 | CVE-2016-5815 | Improper Access Control vulnerability in Schneider-Electric products An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. | 9.8 |
| 2016-07-15 | CVE-2016-4520 | Unspecified vulnerability in Schneider-Electric Pelco Digital Sentry Video Management System Firmware 7.6.32.9203 Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors. | 9.8 |
| 2016-04-06 | CVE-2015-7921 | Credentials Management vulnerability in Schneider-Electric products The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials. | 9.1 |
| 2012-01-28 | CVE-2012-0931 | Improper Authentication vulnerability in Schneider-Electric Modicon Quantum PLC Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. | 9.8 |