CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7783
https://notcve.org/view.php?id=CVE-2018-7783
03 Jul 2018 — Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band (OOB) attack. The vulnerability is triggered when input passed to the xml parser is not sanitized while parsing the xml project/template file. Schneider Electric SoMachine Basic en versiones anteriores a la v1.6 SP1 sufre una vulnerabilidad XXE (XML External Entity) ... • https://www.schneider-electric.com/en/download/document/SEVD-2018-142-01 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7965
https://notcve.org/view.php?id=CVE-2017-7965
07 Jun 2017 — A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller. Existe una vulnerabilidad de desbordamiento de búfer en el ejecutable del Software de Programación AlTracePrint.exe, en SoMachine HVAC versión v2.1.0 de Schneider Electric para el controlador Modicon M171/M172. • http://www.schneider-electric.com/en/download/document/SEVD-2017-125-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-7966
https://notcve.org/view.php?id=CVE-2017-7966
07 Jun 2017 — A DLL Hijacking vulnerability in the programming software in Schneider Electric's SoMachine HVAC v2.1.0 allows a remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to the improper loading of a DLL. Una vulnerabilidad de secuestro de DLL en el software de programación de SoMachine HVAC versión v2.1.0 de Schneider Electric, permite que un atacante remoto ejecute código arbitrario en el sistema apuntado. La vulnerabilidad existe debido a la carga inapropiada de una D... • http://www.schneider-electric.com/en/download/document/SEVD-2017-125-02 • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-7574
https://notcve.org/view.php?id=CVE-2017-7574
06 Apr 2017 — Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data... • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-01 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2016-4529 – Schneider Electric SoMachine HVAC AxEditGrid ActiveX Control SetDataIntf Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4529
15 Jul 2016 — An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag. Un control ActiveX no especificado en Schneider Electric SoMachine HVAC Programming Software para M171/M172 Controllers en versiones anteriores a 2.1.0 permite a atacantes remotos ejecutar código arbitrario a través de vectores desc... • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01 •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2014-9200 – Schneider Electric SoMove Lite IsObjectModel RemoveParameter Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-9200
01 Feb 2015 — Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer bas... • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 63%CPEs: 21EXPL: 4CVE-2013-0662 – SEIG Modbus 3.4 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2013-0662
28 Mar 2014 — Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header. Múltiples desbordamientos de buffer basado en pila en ModbusDrv.exe en Schneider Electric Modbus Serial Driver 1.10 hasta 3.2 permiten a atacantes remotos ejecutar código arbitrario a través de un valor de tamaño de buffer grande en Modbus Application Header. SEIG Modbus version 3.4 su... • https://packetstorm.news/files/id/148995 • CWE-787: Out-of-bounds Write •