330 matches found
Schneider Electric多款产品 安全特征问题漏洞
Schneider Electric Easergy MiCOM Px40 Series are products of Schneider Electric, a French company. The Schneider Electric Easergy MiCOM Px40 Series consists of a series of power protection and control relay devices. The Schneider Electric Easergy MiCOM C264 is an industrial communication gateway...
Schneider Electric多款产品 信任管理问题漏洞
Schneider Electric Easergy MiCOM Px40 Series is a series of power protection and control relay devices produced by Schneider Electric, a French company. Several products from Schneider Electric have vulnerabilities related to trust management. These vulnerabilities stem from the use of hard-coded...
CVE-2021-22772
A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...
CVE-2020-7503
A CWE-352: Cross-Site Request Forgery CSRF vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted...
CVE-2020-7512
A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to exploit the component...
CVE-2020-7514
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker access to the authorization credentials for a device and gain full access...
CVE-2020-7509
A CWE-269: Improper privilege management write vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to elevate their privileges and delete files...
CVE-2020-7518
A CWE-20: Improper input validation vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to modify project configuration files...
CVE-2020-7510
A CWE-200: Information Exposure vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow attacker to obtain private keys...
CVE-2020-7515
A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password...
CVE-2020-7506
A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure...
CVE-2020-7519
A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...
CVE-2020-7511
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to acquire a password by brute force...
CVE-2020-7513
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to intercept traffic and read configuration data...
CVE-2020-7504
A CWE-20: Improper Input Validation vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to disable the webserver service on the device when specially crafted network packets are sent...
CVE-2024-2747
CWE-428: Unquoted search path or element vulnerability exists in Easergy Studio, which could cause privilege escalation when a valid user replaces a trusted file name on the system and reboots the machine...
EUVD-2020-28631
Malware in sbrugna...
EUVD-2020-28628
Malware in sbrugna...
EUVD-2020-28634
Malware in sbrugna...
EUVD-2020-28635
Malware in sbrugna...