Schneider Electric Vulnerabilities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single items and item collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Prioritizing items becomes possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Schneider Electric Modicon M340: 60
Schneider Electric Modicon Quantum: 45
Schneider Electric Modicon Premium: 41
Schneider Electric Modicon M580: 41
Schneider Electric U.motion Builder: 26

Grouping vulnerabilities by product helps to get an overview. This makes it possible to identify a homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official fix: 403
Temporary fix: 0
Workaround: 17
Not available: 3
Not defined: 313

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be divided into multiple forms and levels of remediation, which influence risks differently.

Exploitability

Attacked: 0
Highly functional: 3
Functional: 0
Proof-of-Concept: 13
Unproven: 2
Not defined: 718

Researchers and attackers who look for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

Access Vector

Not Defined: 0
Physical: 12
Local: 91
Adjacent: 105
Network: 528

When approaching a vulnerability, it is important to know the expected access vector. This is typically via the network, local, or even physical.

Authentication

Not Defined: 0
High: 35
Low: 259
None: 442

To exploit a vulnerability, a certain level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined: 0
Required: 143
None: 593

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 6
≤4: 56
≤5: 65
≤6: 130
≤7: 213
≤8: 145
≤9: 82
≤10: 39

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 12
≤4: 51
≤5: 68
≤6: 160
≤7: 205
≤8: 127
≤9: 74
≤10: 39

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤1: 0
≤2: 1
≤3: 21
≤4: 89
≤5: 92
≤6: 179
≤7: 126
≤8: 160
≤9: 30
≤10: 38

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤1: 0
≤2: 0
≤3: 0
≤4: 2
≤5: 15
≤6: 34
≤7: 40
≤8: 151
≤9: 51
≤10: 82

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤1: 0
≤2: 0
≤3: 0
≤4: 2
≤5: 8
≤6: 32
≤7: 39
≤8: 68
≤9: 33
≤10: 28

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day

<1k: 165
<2k: 317
<5k: 253
<10k: 0
<25k: 1
<50k: 0
<100k: 0
≥100k: 0

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price of an exploit, before it is distributed or becomes public. Calculated prices are aligned with prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

Exploit Today

<1k: 719
<2k: 16
<5k: 1
<10k: 0
<25k: 0
<50k: 0
<100k: 0
≥100k: 0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day exploits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipate their activities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailing lists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified as offensive or defensive. They are also weighted, as some actors are well-known for certain products and technologies, and some of their disclosures might contain more or less detail about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (400): 140CRA312xxx (1), 66074 MGE Network Management Card (4), AP7xxxx (1), AP8xxx (1), APC Easy UPS Online (7), APDU9xxx (1), ASCO 5310 Single-Channel Remote Annunciator (4), ASCO 5350 Eight Channel Remote Annunciator (4), ATV IMC Drive Controller (1), AccuSine PCS+ (1), AccuSine PCSn (1), AccuSine PFV+ (1), Accutech Manager (3), Acti9 PowerTag Link C (1), Ampla MES (2), Andover Continuum (4), BMENOC0311 (1), BMENOC0321 (1), BMENOR2200H (1), BMX-NOR-0200H (1), BMXNOE0100 (1), BMXNOE0110 (2), BMXNOR0200 (6), BMXNOR0200H (2), BMXNOR0200H Ethernet-Serial RTU Module (1), BMXNOR0200H Ethernet Serial RTU Module (2), BMxCRA312xx (1), C-Bus Network Automation Controller (2), C-Bus Toolkit (10), C-Gate Server (1), CanBRASS (1), CitectSCADA (4), Citectscada Reports (4), ClearSCADA (9), Clipsal C-Bus Network Automation Controller (2), Clipsal Wiser for C-Bus Automation Controller (2), Conext ComBox (4), Conext ComBox 865-1058 (1), Conext Gateway (1), ConneXium (1), ConneXium Network Manager (3), ConneXium Tofino Firewall (4), ConneXium Tofino OPCLSM (2), Cove (1), Custom Reports (8), Cybersecurity Admin Expert (1), Data Center Expert (6), Device Type Manager (1), EER21000 (6), EER21001 (6), ETG3000 (2), EVLink Pro AC (1), EVLink WallBox (4), EVlink City (14), EVlink City EVC1S7P4 (7), EVlink City EVC1S22P4 (7), EVlink Home Smart (2), EVlink Parking (14), EVlink Parking EVF2 (7), EVlink Parking EVP2PE (7), EVlink Parking EVW2 (7), EVlink Smart Wallbox (14), EVlink Smart Wallbox EVB1A (7), Easergy Builder Installer (1), Easergy P3 (1), Easergy P5 (5), Easergy P40 (1), Easergy Studio (3), Easergy T200 (4), Easergy T200E (3), Easergy T200H (3), Easergy T200I (3), Easergy T200P (3), Easergy T200S (3), Easergy T300 (18), Easergy T300 RTU (1), Easy UPS Online Monitoring Software (1), EcoStruxure (3), EcoStruxure Building Operation Enterprise Server Installer (1), EcoStruxure Building Operation WebReports (5), EcoStruxure Building Operation WebStation (1), 
EcoStruxure Control Expert (23), EcoStruxure Cybersecurity Admin Expert (1), EcoStruxure EV Charging Expert (2), EcoStruxure Enterprise Central Installer (1), EcoStruxure Foxboro DCS Control Core Services (2), EcoStruxure Foxboro DCS Core Control Services (3), EcoStruxure Geo SCADA Expert (7), EcoStruxure Geo SCADA Expert 2019 (4), EcoStruxure Geo SCADA Expert 2020 (4), EcoStruxure Geo SCADA Expert 2021 (3), EcoStruxure Hybrid DCS (1), EcoStruxure IT Gateway (2), EcoStruxure Machine Expert (3), EcoStruxure OPC UA Server Expert (1), EcoStruxure Operator Terminal Expert (13), EcoStruxure Panel Server (1), EcoStruxure Power Automation System User Interface (1), EcoStruxure Power Build Rapsody (3), EcoStruxure Power Build Rapsody Software (1), EcoStruxure Power Commission (4), EcoStruxure Power Design (1), EcoStruxure Power Monitoring Expert (12), EcoStruxure Power Monitoring Expert PME 2020 (1), EcoStruxure Power Monitoring Expert PME 2021 (1), EcoStruxure Power Operation (2), EcoStruxure Power Operation EPO 2021 (1), EcoStruxure Power Operation EPO 2022 (1), EcoStruxure Power SCADA Operation (2), EcoStruxure Power SCADA Operation 2020 PSO (1), EcoStruxure Pro-face BLUE (6), EcoStruxure Process Expert (14), EcoStruxure Process Expert for AVEVA System Platform (1), Enerlin'X Com'X 510 (1), Enerlin X IFE interface (3), Enerlin X eIFE (3), Evlink Charging Station (1), FlexNet Publisher (1), Floating License Manager (1), FoxRTU Station (1), GP-Pro EX (1), GP-Pro EX WinGP (1), GUIcon (6), Galaxy VL (1), Galaxy VS (1), Geo SCADA Mobile (1), HMI Panel HMIGTO (1), HMI Panel HMIGTU (1), HMI Panel HMIGTUX (1), HMI Panel HMIGXO (1), HMI Panel HMIGXU (1), HMI Panel HMISCU (1), HMI Panel HMISTO (1), HMI Panel HMISTU (1), HMI Panel XBTGH (1), HMI Panel XBTGT (2), Harmony (1), Harmony Control Relay RMNF22TB30 (1), Harmony HMIG3U (1), Harmony HMIG3X (1), Harmony HMIST6 (1), Harmony HMISTM6 (1), Harmony HMISTO7 (1), Harmony Industrial PC HMIBMI (1), Harmony Industrial PC HMIBMO (1), 
Harmony Industrial PC HMIBMP (1), Harmony Industrial PC HMIBMU (1), Harmony Industrial PC HMIPEP (1), Harmony Industrial PC HMIPSO (1), Harmony Industrial PC HMIPSP (1), Harmony Timer Relay RENF22R2MMW (1), IGSS Dashboard (9), IGSS Data Server (18), IGSS Definition (22), IGSS Mobile Application (2), IGSS Update Service (1), IMT25 Magnetic Flow DTM (1), ION73XX (2), ION75XX (2), ION76XX (2), ION8650 (4), ION8800 (4), IOS Smart Meter (3), InTouch Machine Edition (2), InduSoft Web Studio (10), InsightFacility (1), InsightHome (1), Interactive Graphical SCADA System (7), Interactive Graphical SCADA System Data Collector (6), Interactive Graphical SCADA System Data Server (8), Kerweb (1), LANDAC II-2 (1), Legacy Modicon Premium (1), Legacy Modicon Quantum (3), Legacy Offers Modicon Quantum (1), Magelis (2), Magelis XBT HMI (1), Magelis iPC (1), Merten KNX Device (1), MiCOM Px4x (1), MiCOM S1 Studio (1), Modbus Serial Driver (2), Modicon 140CRA (5), Modicon BMENOC 0311 (3), Modicon BMENOC 0321 (3), Modicon BMXNOC0401 (2), Modicon BMXNOE0100 (2), Modicon BMXNOE0110 (2), Modicon BMXNOE0110H (2), Modicon BMXNOR0200H (2), Modicon BMXP342020 (2), Modicon BMXP342020H (2), Modicon BMXP342030 (2), Modicon BMXP342030H (2), Modicon BMXP3420302 (2), Modicon BMXP3420302H (2), Modicon BMxCRA (5), Modicon Controllers LMC058 (7), Modicon Controllers M241 (9), Modicon Controllers M251 (9), Modicon Controllers M258 (7), Modicon Controllers M262 (3), Modicon LMC058 (1), Modicon LMC078 (1), Modicon M100 (1), Modicon M200 (1), Modicon M218 Logic Controller (3), Modicon M221 (12), Modicon M241 (5), Modicon M251 (5), Modicon M258 (2), Modicon M340 (60), Modicon M340 BMX (1), Modicon M340 CPU (20), Modicon M340 CPU (part numbers BMXP34*) (1), Modicon M340 Communication Module (1), Modicon M340 Processors (1), Modicon M340 X80 Ethernet Communication Module (4), Modicon M580 (41), Modicon M580 CPU (12), Modicon M580 CPU Safety (4), Modicon MC80 (10), Modicon MC80 (part numbers BMKC80) (1), 
Modicon Managed Switch MCSESM (1), Modicon Managed Switch MCSESP (1), Modicon Modbus Protocol (1), Modicon Momentum Ethernet CPU (4), Modicon Momentum MDI (2), Modicon Momentum Unity M1E Processor (4), Modicon Momentum Unity M1E Processor (171CBU*) (1), Modicon PLC (3), Modicon PLC Ethernet module (1), Modicon Premium (41), Modicon Premium (2), Modicon Premium CPU (5), Modicon Premium Communication Module (4), ModiconPremium Legacy (1), Modicon Premium Legacy (3), Modicon Premium Processor (3), Modicon Quantum (45), Modicon Quantum 140 NOE771x1 (1), Modicon Quantum CPU (5), Modicon Quantum Communication Module (4), Modicon Quantum PLC (7), Modicon Quantum Plc (2), Modicon Quantum Processor (3), Modicon TM221CE16R (2), Modicon X80 BMXNOR0200H RTU (1), NMC2 AOS (6), NMC3 AOS (6), NetBotz (3), OFS (1), OPC Factory Server (2), OPC UA Modicon Communication Module (7), Opc Factory Server Tlxcdstofs (1), PLC Simulator for EcoStruxure (3), PM5XXX (2), PacDrive Eco (1), PacDrive Pro (1), PacDrive Pro2 (1), Pelco DS-NV (1), Pelco Digital Sentry Video Management System (1), Pelco Endura NET55XX Encoder (1), Pelco Sarix Professional (15), Pelco VideoXpert Enterprise (3), PowerChute Business Edition (1), PowerChute Serial Shutdown (1), PowerLogic (2), PowerLogic EGX100 (6), PowerLogic EGX300 (6), PowerLogic HDPM6000 (3), PowerLogic ION73xx (1), PowerLogic ION83xx (4), PowerLogic ION84xx (4), PowerLogic ION85xx (4), PowerLogic ION7400 (4), PowerLogic ION7650 (4), PowerLogic ION7700 (1), PowerLogic ION8600 (4), PowerLogic ION8650 (4), PowerLogic ION8800 (4), PowerLogic ION9000 (4), PowerLogic P5 (1), PowerLogic PM8ECC (4), PowerLogic PM55xx (2), PowerLogic PM800 (3), PowerLogic PM5320 (1), PowerLogic PM5340 (1), PowerLogic PM5341 (1), PowerLogic PM5560 (1), PowerLogic PM8000 (1), Power Monitoring Expert (1), PowerSCADA Anywhere (5), Power SCADA Operation (1), PowerTag (1), Premium CPU (1), Pro-Face GP Pro EX (1), Pro-face BLUE (1), Pro-face GP-Pro EX (1), Pro-face Industrial PC 
PS5000 (1), Pro-face Remote HMI (1), ProClima (7), Programmable Logic Controller (1), Quantum Ethernet Module 140noe77100 (2), RemoteConnect and SCADAPack x70 Utilities (1), Ritto Wiser Door (1), SCADA Expert ClearSCADA (4), SCADAPack 7x Remote Connect (4), SCADAPack 312E (1), SCADAPack 313E (1), SCADAPack 314E (1), SCADAPack 330E (1), SCADAPack 333E (1), SCADAPack 334E (1), SCADAPack 337E (1), SCADAPack 350E (1), SCADAPack 357E (1), SCADAPack RemoteConnect for x70 (6), SCADAPack Workbench (1), SCADAPack x70 Security Administrator (1), SCADA Software (1), SCL (3), SFAPV9601 APC Easy UPS On-Line Software (2), SMC (2), SMT (3), SMTL (2), SMX (3), SRT (1), Sage 1410 (6), Sage 1430 (6), Sage 1450 (6), Sage 2400 (6), Sage 3030 Magnum (6), Sage 4400 (6), Schneider Charge (1), SmartStruxure (3), Smartlink (1), SoMachine (1), SoMachine Basic (5), SoMachine HVAC (5), SoMove (1), SoMove Software (1), SoSafe Configurable (1), Software Update (3), Software Update SUT Service (1), Software Update Utility (1), SpaceLogic AS-B (2), SpaceLogic AS-P (2), SpaceLogic C-Bus Application Controller (2), SpaceLogic C-Bus Home Controller (1), SpaceLogic C-Bus Network Automation Controller (2), Stb Dio Ethernet Module Stbnic2212 (1), StruxureOn Gateway (1), StruxureWare Building Expert MPM (1), StruxureWare Data Center (4), StruxureWare Data Center Expert (11), Struxureware Building Operations Automation Server (1), TCM (1), Tableau Desktop (1), Tableau Server (1), Tburjr900 (1), Telemecanique Driver Pack (1), Telvent Sage (1), Telvent Sage 3030 (1), Touch Panel (2), TriStation (2), TriStation 1131 (1), Triconex Model 3009 MP (5), Triconex TCM 4351B (1), Triconex Tricon MP 3008 (2), Trio E-Series Ethernet Data Radio (2), Trio J-Series Ethernet Data Radio (2), Trio Q-Series Ethernet Data Radio (2), Trio Q Licensed Data Radio (3), U.motion Builder (26), U.motion Server (8), Uni-Telway Driver (1), Unity Pro (4), VAMPSET (3), Vijeo Citect (1), Vijeo Designer (4), Vijeo Designer Basic (3), 
WebHMI (1), Wiser Home Controller WHC-5918A (1), Wiser Series Gateway (1), Wiser Smart (7), Wiser for C-Bus Automation Controller (2), Wiser for KNX (8), Wonderware ArchestrA Logger (3), Wonderware Historian (1), Wonderware Historian Client (1), Wonderware InTouch (3), Wonderware InTouch Access Anywhere Server (1), Wonderware System Platform (1), X80 Advanced RTU Communication Module (7), Zelio Soft 2 (2), ZelioSoft2 (1), fellerLYnk (5), homeLYnk (10), spaceLYnk (15)

Link to Vendor Website: https://www.schneider-electric.com/

| Published | Base | Temp | Vulnerability | Product type | Exploit | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 06/10/2025 | 4.4 | 4.4 | Schneider Electric Modicon Controllers M262 cross site scripting | SCADA Software | Not defined | Official fix | 0.00029 | 0.00 | CVE-2025-3117 |
| 06/10/2025 | 4.4 | 4.4 | Schneider Electric Modicon Controllers LMC058 PLC cross site scripting | SCADA Software | Not defined | Official fix | 0.00029 | 0.00 | CVE-2025-3905 |
| 06/10/2025 | 4.4 | 4.4 | Schneider Electric EVLink WallBox cross site scripting | SCADA Software | Not defined | Official fix | 0.00029 | 0.00 | CVE-2025-5742 |
| 06/10/2025 | 4.4 | 4.4 | Schneider Electric Modicon Controllers M241/Modicon Controllers M251 Webserver cross site scripting | SCADA Software | Not defined | Official fix | 0.00017 | 0.00 | CVE-2025-3899 |
| 06/10/2025 | 5.1 | 5.0 | Schneider Electric EVLink WallBox Configuration os command injection | SCADA Software | Not defined | Official fix | 0.00562 | 0.00 | CVE-2025-5743 |
| 06/10/2025 | 6.5 | 6.3 | Schneider Electric Modicon Controllers LMC058 HTTPS Request denial of service | SCADA Software | Not defined | Official fix | 0.00049 | 0.00 | CVE-2025-3116 |
| 06/10/2025 | 5.9 | 5.8 | Schneider Electric EVLink WallBox path traversal | SCADA Software | Not defined | Official fix | 0.00089 | 0.00 | CVE-2025-5740 |
| 06/10/2025 | 6.5 | 6.3 | Schneider Electric Modicon Controllers M262 HTTPS Request denial of service | SCADA Software | Not defined | Official fix | 0.00049 | 0.00 | CVE-2025-3898 |
| 06/10/2025 | 6.5 | 6.3 | Schneider Electric Modicon Controllers M241/Modicon Controllers M251 Header resource consumption | SCADA Software | Not defined | Official fix | 0.00044 | 0.00 | CVE-2025-3112 |
| 06/10/2025 | 4.8 | 4.7 | Schneider Electric EVLink WallBox path traversal | SCADA Software | Not defined | Official fix | 0.00049 | 0.04 | CVE-2025-5741 |
| 05/14/2025 | 6.4 | 6.3 | Schneider Electric Modicon Controllers LMC058 URL external reference | SCADA Software | Not defined | Official fix | 0.00090 | 0.06 | CVE-2025-2875 |
| 05/13/2025 | 6.3 | 6.0 | Schneider Electric EcoStruxure Power Build Rapsody Software Project File stack-based overflow | SCADA Software | Not defined | Official fix | 0.00023 | 0.08 | CVE-2025-3916 |
| 04/09/2025 | 3.1 | 3.0 | Schneider Electric Trio Q Licensed Data Radio sensitive information | SCADA Software | Not defined | Official fix | 0.00023 | 0.00 | CVE-2025-2440 |
| 04/09/2025 | 7.0 | 6.9 | Schneider Electric ConneXium Network Manager Project File input validation | SCADA Software | Not defined | Official fix | 0.00026 | 0.06 | CVE-2025-2223 |
| 04/09/2025 | 6.8 | 6.6 | Schneider Electric Trio Q Licensed Data Radio insecure default initialization of resource | SCADA Software | Not defined | Official fix | 0.00033 | 0.09 | CVE-2025-2442 |
| 04/09/2025 | 3.5 | 3.4 | Schneider Electric Trio Q Licensed Data Radio insecure default initialization of resource | SCADA Software | Not defined | Official fix | 0.00023 | 0.02 | CVE-2025-2441 |
| 04/09/2025 | 6.0 | 5.9 | Schneider Electric ConneXium Network Manager file access | SCADA Software | Not defined | Official fix | 0.00032 | 0.04 | CVE-2025-2222 |
| 03/12/2025 | 6.8 | 6.6 | Schneider Electric EcoStruxure Power Automation System User Interface improper authentication | SCADA Software | Not defined | Official fix | 0.00043 | 0.00 | CVE-2025-0813 |
| 03/12/2025 | 9.8 | 9.6 | Schneider Electric WebHMI insecure default initialization of resource | SCADA Software | Not defined | Official fix | 0.00064 | 0.00 | CVE-2025-1960 |
| 03/12/2025 | 4.1 | 4.1 | Schneider Electric EcoStruxure Panel Server log file | SCADA Software | Not defined | Official fix | 0.00017 | 0.00 | CVE-2025-2002 |
| 02/13/2025 | 7.2 | 7.0 | Schneider Electric ASCO 5310 Single-Channel Remote Annunciator unrestricted upload | SCADA Software | Not defined | Official fix | 0.00084 | 0.00 | CVE-2025-1070 |
| 02/13/2025 | 6.5 | 6.3 | Schneider Electric Enerlin X IFE interface/Enerlin X eIFE denial of service | SCADA Software | Not defined | Official fix | 0.00051 | 0.08 | CVE-2025-0816 |
| 02/13/2025 | 6.5 | 6.3 | Schneider Electric Enerlin X IFE interface/Enerlin X eIFE ICMPv6 Packet denial of service | SCADA Software | Not defined | Official fix | 0.00051 | 0.05 | CVE-2025-0815 |
| 02/13/2025 | 5.6 | 5.5 | Schneider Electric ASCO 5310 Single-Channel Remote Annunciator cleartext transmission | SCADA Software | Not defined | Official fix | 0.00031 | 0.00 | CVE-2025-1060 |
| 02/13/2025 | 6.2 | 6.1 | Schneider Electric ASCO 5310 Single-Channel Remote Annunciator code download | SCADA Software | Not defined | Official fix | 0.00038 | 0.00 | CVE-2025-1058 |

711 more entries are not shown
