Schneider-electric

Remoteconnect

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2024-12703

  • EPSS 0.35%
  • Veröffentlicht 17.01.2025 11:15:08
  • Zuletzt bearbeitet 17.01.2025 11:15:08

CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when a non-admin authenticated user opens a malicious project file.

9.8

CVE-2022-26507

  • EPSS 6.7%
  • Veröffentlicht 14.04.2022 13:15:11
  • Zuletzt bearbeitet 21.11.2024 06:54:04

A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, C...

9.3

CVE-2021-22797

  • EPSS 0.45%
  • Veröffentlicht 13.04.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 05:50:41

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal) vulnerability exists that could cause malicious script to be deployed in an unauthorized location and may result in code execution on the engineering workstation ...

7.1

CVE-2021-22778

  • EPSS 0.05%
  • Veröffentlicht 14.07.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:38

Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS...

9.1

CVE-2021-22779

  • EPSS 0.12%
  • Veröffentlicht 14.07.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:38

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all...

7.1

CVE-2021-22780

  • EPSS 0.05%
  • Veröffentlicht 14.07.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:39

Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS...

5.5

CVE-2021-22781

  • EPSS 0.05%
  • Veröffentlicht 14.07.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:39

Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS...

5.5

CVE-2021-22782

  • EPSS 0.02%
  • Veröffentlicht 14.07.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:39

Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS...