CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-46680
https://notcve.org/view.php?id=CVE-2022-46680
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-129-03.pdf • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-2161
https://notcve.org/view.php?id=CVE-2023-2161
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized read access to the file system when a malicious configuration file is loaded on to the software by a local user. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-129-01.pdf • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-25620
https://notcve.org/view.php?id=CVE-2023-25620
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when a malicious project file is loaded onto the controller by an authenticated user. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-05.pdf • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2023-25619
https://notcve.org/view.php?id=CVE-2023-25619
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when communicating over the Modbus TCP protocol. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-05.pdf • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28004
https://notcve.org/view.php?id=CVE-2023-28004
A CWE-129: Improper validation of an array index vulnerability exists where a specially crafted Ethernet request could result in denial of service or remote code execution. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-073-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-073-02.pdf • CWE-129: Improper Validation of Array Index •