20 matches found
CVE-2020-7546
A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow an attacker to perform actions on behalf of the authorized user when...
EUVD-2020-28670
Malware in sbrugna...
EUVD-2020-28671
Malware in sbrugna...
EUVD-2020-28672
Malware in sbrugna...
CVE-2020-7547
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow a user the ability to perform actions via the web interface at a higher privilege level...
CVE-2020-7547
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow a user the ability to perform actions via the web interface at a higher privilege level...
CVE-2020-7545
A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow for arbitrary code execution on the server when an authorized user access an affected webpage...
CVE-2020-7545
A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow for arbitrary code execution on the server when an authorized user access an affected webpage...
CVE-2020-7546
A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow an attacker to perform actions on behalf of the authorized user when...
CVE-2020-7547
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow a user the ability to perform actions via the web interface at a higher privilege level...
Improper access control
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow a user the ability to perform actions via the web interface at a higher privilege level...
Improper access control
A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow for arbitrary code execution on the server when an authorized user access an affected webpage...
Design/Logic Flaw
A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow an attacker to perform actions on behalf of the authorized user when...
CVE-2020-7547
CVE-2020-7547 concerns an improper access control vulnerability in Schneider Electric EcoStruxure and SmartStruxure Power Monitoring and SCADA Software. The common description across sources states that a user can perform actions via the web interface at a higher privilege level, indicating privi...
CVE-2020-7547
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow a user the ability to perform actions via the web interface at a higher privilege level...
CVE-2020-7546
Technical details (affected products/versions/root cause/remediation) are not provided in the connected documents. Monitor for updates from vendors and security advisories.
CVE-2020-7546
A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow an attacker to perform actions on behalf of the authorized user when...
CVE-2020-7545
CVE-2020-7545 describes an improper access control (CWE-284) vulnerability in Schneider Electric EcoStruxure and SmartStruxure Power Monitoring and SCADA Software. An authorized user accessing an affected webpage could trigger arbitrary code execution on the server. Public references cite CVSS v3...
PT-2020-19623 · Schneider Electric · Smartstruxure Power Monitoring +1
Name of the Vulnerable Software and Affected Versions: EcoStruxure and SmartStruxure Power Monitoring and SCADA Software affected versions not specified Description: A CWE-284: Improper Access Control issue exists that could allow for arbitrary code execution on the server when an authorized user...
Cross-Site Scripting Vulnerability in Multiple Schneider Electric Products
Schneider Electric EcoStruxure Power Monitoring Expert is a product of the French company Schneider Electric.Schneider Electric EcoStruxure Power Monitoring Schneider Electric EcoStruxure Power Monitoring Expert is a device for power distribution monitoring in IoT environments.Schneider Electric...