Vulnerabilities > Schneider Electric > Software Update Utility > 1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-23 | CVE-2020-7520 | Open Redirect vulnerability in Schneider-Electric Software Update Utility A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on the victim's machine. | 4.0 |
2018-11-02 | CVE-2018-7799 | Uncontrolled Search Path Element vulnerability in Schneider-Electric Software Update Utility 1.0/1.0.13/1.1 A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when placing a specific DLL file. | 9.3 |
2013-01-21 | CVE-2013-0655 | Improper Input Validation vulnerability in Schneider-Electric Software Update Utility 1.0/1.0.13/1.1 The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and consequently execute arbitrary code, by modifying the data stream on TCP port 80. | 9.3 |