EVlink City < R8 V3.4.0.1 - Authentication Bypass

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker t...

Schneider Electric U.motion Builder - SQL Injection

The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter. id: CVE-2018-7765 info: name: Schneider Electric U.motion...

SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution

SpaceLogic C-Bus Home Controller through 1.31.460 is susceptible to remote command execution via improper neutralization of special elements. Remote root exploit can be enabled when the command is compromised, and an attacker can potentially execute malware, obtain sensitive information, modify...

Schneider Electric U.motion Builder - Remote Code Execution

U.motion Builder 1.3.4 contains a remote code execution vulnerability caused by improper input sanitization, allowing attackers to execute arbitrary system commands through crafted input parameters. id: CVE-2018-7841 info: name: Schneider Electric U.motion Builder - Remote Code Execution author:...

Schneider Electric Modicon M241, M251, and M262 Improper Resource Shutdown or Release (CVE-2025-13901)

CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels. This plugin only works with Tenable.ot. Please visit...

CVE-2026-9650

creationtimestamp| type| source ---|---|--- 2026-06-10 01:56:40+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-12...

CVE-2026-9717

creationtimestamp| type| source ---|---|--- 2026-06-10 01:56:40+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-12 2026-06-25 17:15:26+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-07...

CVE-2026-9716

creationtimestamp| type| source ---|---|--- 2026-06-10 01:56:40+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-12 2026-06-25 17:15:24+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-07...

Schneider Electric Data Center Expert 代码问题漏洞

Schneider Electric Data Center Expert is a data monitoring software developed by Schneider Electric, a multinational technology company. Schneider Electric Data Center Expert has a code vulnerability caused by improper restrictions on XML external entity references. This vulnerability could allow...

Schneider Electric MiCOM Use of Hard-coded Credentials (CVE-2026-4832)

CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot f...

Schneider Electric Ecostruxure Machine Expert HVAC 安全漏洞

Schneider Electric Ecostruxure Machine Expert HVAC is a software platform developed by Schneider Electric, a French company, dedicated to the control and automation of heating, ventilation, and air conditioning equipment. Schneider Electric Ecostruxure Machine Expert HVAC has a security...

CVE-2026-6866

creationtimestamp| type| source ---|---|--- 2026-05-12 04:05:34+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-11 2026-05-12 14:20:40+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybqzs6w2w 2026-06-09 05:00:00+00:00| seen|...

CVE-2026-6865

creationtimestamp| type| source ---|---|--- 2026-05-12 04:05:34+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-11 2026-06-18 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-04 2026-06-18 20:14:18+00:00| seen|...

Schneider Electric Saitel DR RTU和Schneider Electric Saitel DP RTU 路径遍历漏洞

Schneider Electric Saitel DR RTU and Schneider Electric Saitel DP RTU are both remote terminal devices from Schneider Electric, a French company. Both devices have a path traversal vulnerability. This vulnerability stems from improper path name restrictions, which may lead to unauthorized access ...

Schneider Electric PowerChute Serial Shutdown Security Bypass Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. A security bypass vulnerability exists in Schneider Electric PowerChute Serial Shutdown, which stems from improper output encoding or escaping, and can...

Schneider Electric PowerChute Serial Shutdown Path Traversal Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric, France. A path traversal vulnerability exists in Schneider Electric PowerChute Serial Shutdown, which can be exploited by an attacker to cause a web...

Schneider Electric PowerChute Serial Shutdown 路径遍历漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric, France. A path traversal vulnerability exists in Schneider Electric PowerChute Serial Shutdown, which can be exploited by an attacker to cause a web...

Schneider Electric多款产品 信任管理问题漏洞

Schneider Electric Easergy MiCOM Px40 Series is a series of power protection and control relay devices produced by Schneider Electric, a French company. Several products from Schneider Electric have vulnerabilities related to trust management. These vulnerabilities stem from the use of hard-coded...

Schneider Electric PowerChute Serial Shutdown 注入漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a CRLF injection vulnerability that stems from improper CRLF sequence neutralization, which...

Schneider Electric PowerChute Serial Shutdown 资源管理错误漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a Resource Management Error vulnerability that stems from uncontrolled resource consumption,...