CVE-2024-12476

🗓️ 17 Jan 2025 09:42:47Reported by schneiderType

Improper XML External Entity Reference vulnerability may disclose information and allow remote code execution.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-12476	17 Jan 202509:44	–	circl
CNNVD	Schneider Electric Web Designer 代码问题漏洞	17 Jan 202500:00	–	cnnvd
Cvelist	CVE-2024-12476	17 Jan 202509:42	–	cvelist
EUVD	EUVD-2024-50888	3 Oct 202520:07	–	euvd
ICS	Schneider Electric Web Designer for Modicon	4 Feb 202507:00	–	ics
NVD	CVE-2024-12476	17 Jan 202510:15	–	nvd
Positive Technologies	PT-2024-10224 · Unknown · Web Designer	11 Dec 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-12476	5 Feb 202510:23	–	redhatcve
Vulnrichment	CVE-2024-12476	17 Jan 202509:42	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Web Designer for BMXNOR0200H",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Web Designer for BMXNOE0110(H)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Web Designer for BMENOC0311(C)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Web Designer for BMENOC0321(C)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

15 Apr 2026 00:35Current

8High risk

Vulners AI Score8

CVSS 3.17.8

CVSS 48.4

EPSS0.00229

SSVC

CWE-611