Vulnerabilities > Schneider Electric > Unity PRO > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-7560 | Unspecified vulnerability in Schneider-Electric Ecostruxure Control Expert and Unity PRO A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Control Expert software. | 8.6 |
| 2020-01-06 | CVE-2019-6855 | Incorrect Authorization vulnerability in Schneider-Electric products Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers. | 7.3 |
| 2017-02-13 | CVE-2016-8354 | Code Injection vulnerability in Schneider-Electric Unity PRO 11.0/6.0/7.0 An issue was discovered in Schneider Electric Unity PRO prior to V11.1. | 7.0 |