CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-22797 – Schneider Electric EcoStruxure Control Expert Classic STU and STA File Parsing Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22797
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal) vulnerability exists that could cause malicious script to be deployed in an unauthorized location and may result in code execution on the engineering workstation when a malicious project file is loaded in the engineering software. Affected Product: EcoStruxure Control Expert (V15.0 SP1 and prior, including former Unity Pro), EcoStruxure Process Expert (2020 and prior, including former HDCS), SCADAPack RemoteConnect for x70 (All versions) Una CWE-22: Se presenta una vulnerabilidad de Limitación inadecuada de un nombre de ruta a un directorio restringido (" Salto de Ruta") que podría causar la implementación de scripts maliciosos en una ubicación no autorizada y puede resultar en una ejecución de código en la estación de trabajo de ingeniería cuando es cargado un archivo de proyecto malicioso en el software de ingeniería. Producto afectado: EcoStruxure Control Expert (versiones V15.0 SP1 y anteriores, incluido el antiguo Unity Pro), EcoStruxure Process Expert (versiones 2020 y anteriores, incluido el antiguo HDCS), SCADAPack RemoteConnect para x70 (Todas las versiones) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Control Expert Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of STU and STA files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • https://www.se.com/ww/en/download/document/SEVD-2021-257-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-22794 – Schneider Electric Struxureware Data Center Expert Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22794
A CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior) Una CWE-22: Se presenta una vulnerabilidad de Limitación de un Nombre de Ruta a un Directorio Restringido ("Salto de Ruta ") que podría causar una ejecución de código remota. Producto afectado: StruxureWare Data Center Expert (versiones V7.8.1 y anteriores) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric Struxureware Data Center Expert. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • https://www.se.com/ww/en/download/document/SEVD-2021-257-03 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22795 – Schneider Electric Struxureware Data Center Expert Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22795
A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior) Una CWE-78: Se presenta una vulnerabilidad de Neutralización Inapropiada de Elementos Especiales Usados en un Comando del Sistema Operativo (" Inyección de Comandos del Sistema Operativo") que podría causar una ejecución de código remota cuando es llevado a cabo a través de la red. Producto afectado: StruxureWare Data Center Expert (versiones V7.8.1 y anteriores) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric Struxureware Data Center Expert. Authentication is required to exploit this vulnerability. The specific flaw exists within the testRepository method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. • https://www.se.com/ww/en/download/document/SEVD-2021-257-03 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.1EPSS: 0%CPEs: 12EXPL: 0CVE-2021-22704
https://notcve.org/view.php?id=CVE-2021-22704
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions prior to V2.0) that could cause a Denial of Service or unauthorized access to system information when connecting to the Harmony HMI over FTP. Una CWE-22: Una vulnerabilidad de Limitación Inapropiada de un Nombre de Ruta a un Directorio Restringido se presenta en los productos Harmony/HMI Configurados por Vijeo Designer (todas las versiones anteriores a V6.2 SP11 ), Vijeo Designer Basic (todas las versiones anteriores a V1.2) o EcoStruxure Machine Expert (todas las versiones anteriores a V2.0) que podría causar una denegación de servicio o un acceso no autorizado a la información del sistema cuando se conecta al Harmony HMI a través de FTP • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2021-22793
https://notcve.org/view.php?id=CVE-2021-22793
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could allow an authenticated attacker to access the device via FTP protocol. Una CWE-200: Una vulnerabilidad de Exposición de Información Confidencial a un Actor no Autorizado en AccuSine PCS+ / PFV+ (versiones anteriores a V1.6.7) y AccuSine PCSn (versiones anteriores a V2.2.4) que podría permitir a un atacante autenticado acceder al dispositivo por medio del protocolo FTP • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-01 https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •