CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

CNNVD•added 2026/03/10 12:0 a.m.•2 views

Schneider Electric多款产品安全漏洞

Schneider Electric Modicon M241, among others, are programmable logic controllers produced by Schneider Electric, a French company. Several products from Schneider Electric have security vulnerabilities. These vulnerabilities stem from improper resource closure or release procedures, which may...

6.9CVSS5.8AI score0.00102EPSS

Exploits0References1

CNNVD•added 2026/03/10 12:0 a.m.•2 views

Schneider Electric多款产品跨站脚本漏洞

Schneider Electric Modicon M258 is a product of the French company Schneider Electric. Schneider Electric Modicon M258 is a programmable automation controller. Schneider Electric Modicon M241 is a programmable logic controller. Schneider Electric Modicon M251 is also a programmable logic...

5.1CVSS6AI score0.0007EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2019-16374

Malware in sbrugna...

8.2CVSS8.1AI score0.00302EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2021-9834

Malicious code in bioql PyPI...

7.8CVSS8.2AI score0.00367EPSS

Exploits0References1

Tenable Nessus•added 2023/03/01 12:0 a.m.•12 views

Schneider Electric Modicon Cleartext Transmission of Sensitive Information (CVE-2020-7488)

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.4AI score0.00187EPSS

Exploits0References2

Tenable Nessus•added 2023/03/01 12:0 a.m.•32 views

Schneider Electric Modicon Improper Input Validation (CVE-2021-22699)

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP. This plugin only works with Tenable.ot. Please visit...

7.8CVSS7.8AI score0.00367EPSS

Exploits0References2

NCSC•added 2022/02/10 12:0 a.m.•1 views

Vulnerabilities fixed in Schneider Electric Modicon M241/M251

Schneider Electric has fixed vulnerabilities in the CODESYS web server and gateway components of Modicon M241 and M251 controllers. An unauthenticated remote malicious person could potentially exploit the vulnerabilities to cause a denial-of-service cause or execute arbitrary code with the...

9.8CVSS8AI score0.00407EPSS

Exploits1

OSV•added 2021/05/26 8:15 p.m.•2 views

CVE-2021-22699

7.5CVSS7.2AI score

Exploits0References1

Prion•added 2021/05/26 8:15 p.m.•10 views

Input validation

7.8CVSS7.3AI score0.00367EPSS

Exploits0References1Affected Software2

CNNVD•added 2021/05/26 12:0 a.m.•1 views

Schneider Electric 输入验证错误漏洞

An input validation error vulnerability exists in Schneider Electric that stems from an incorrect input validation vulnerability in the Modicon M241/M251 Logic Controller firmware prior to V5.1.9.1, which could result in a denial of service when an attacker sends a carefully crafted request to th...

7.8CVSS7.9AI score0.00367EPSS

Exploits0References1

NVD•added 2020/04/22 7:15 p.m.•8 views

CVE-2020-7487

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers...

9.8CVSS9.6AI score0.00219EPSS

Exploits0References1

NVD•added 2020/04/22 7:15 p.m.•11 views

CVE-2020-7488

7.5CVSS7.4AI score0.00187EPSS

Exploits0References1

Prion•added 2020/04/22 7:15 p.m.•10 views

Design/Logic Flaw

5CVSS7.3AI score0.00187EPSS

Exploits0References1

Prion•added 2020/04/22 7:15 p.m.•10 views

Design/Logic Flaw

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers...

7.5CVSS9.4AI score0.00219EPSS

Exploits0References1

CVE•added 2020/04/22 6:51 p.m.•41 views

CVE-2020-7488

The CVE-2020-7488 issue concerns a CWE-319 vulnerability (Cleartext Transmission of Sensitive Information) that could leak sensitive data transmitted between Schneider Electric’s Modicon controllers (M218, M241, M251, M258) and associated software. The root cause is insecure cleartext transmissio...

7.5CVSS7.3AI score0.00187EPSS

Exploits0References1Affected Software3

Vulnrichment•added 2020/04/22 6:51 p.m.•1 views

CVE-2020-7488

7.1AI score0.00187EPSS

Exploits0References1

Cvelist•added 2019/05/22 7:40 p.m.•19 views

CVE-2019-6820

A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration IP address, network mask and gateway IP address when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC...

8.2AI score0.00302EPSS

Exploits0References1

Positive Technologies•added 2019/05/14 12:0 a.m.•4 views

PT-2019-2282

Name of the Vulnerable Software and Affected Versions Modicon M100 versions all Modicon M200 versions all Modicon M221 versions all ATV IMC drive controller versions all Modicon M241 versions all Modicon M251 versions all Modicon M258 versions all Modicon LMC058 versions all Modicon LMC078 versio...

8.2CVSS7.3AI score0.00302EPSS

Exploits0References8

Tenable Nessus•added 2019/05/13 12:0 a.m.•13 views

Schneider Electric Modicon M251 PLC Detection

Binary data 754870.prm...

7.3AI score

Exploits0

Tenable Nessus•added 2019/05/08 12:0 a.m.•7 views

Schneider Electric Modicon M241 and M251 PLCs Insufficiently Protected Credentials

Binary data 720115.prm...

9.8CVSS7.3AI score0.00318EPSS

Exploits0References2