Vulnerabilities > Schneider Electric > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-13 | CVE-2021-22720 | Unspecified vulnerability in Schneider-Electric C-Bus Toolkit 1.15.7 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project. | 7.2 |
| 2021-04-13 | CVE-2021-22719 | Unspecified vulnerability in Schneider-Electric C-Bus Toolkit 1.15.7 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded. | 8.8 |
| 2021-04-13 | CVE-2021-22718 | Unspecified vulnerability in Schneider-Electric C-Bus Toolkit 1.15.7 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files. | 7.8 |
| 2021-04-13 | CVE-2021-22717 | Unspecified vulnerability in Schneider-Electric C-Bus Toolkit 1.15.7 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files. | 8.8 |
| 2021-04-13 | CVE-2021-22716 | Unspecified vulnerability in Schneider-Electric C-Bus Toolkit 1.15.7 A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. | 7.8 |
| 2021-03-11 | CVE-2021-22713 | Unspecified vulnerability in Schneider-Electric products A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 (see security notifcation for affected versions), which could cause the meter to reboot. | 7.5 |
| 2021-03-11 | CVE-2021-22712 | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to an unchecked pointer address. | 7.8 |
| 2021-03-11 | CVE-2021-22711 | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to missing validation of input data. | 7.8 |
| 2021-03-11 | CVE-2021-22710 | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
| 2021-03-11 | CVE-2021-22709 | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |