Schneider Electric Schwachstellen

Zeitverlauf

Typ

SCADA Software	576
Not Defined	46
Automation Software	35
Log Management Software	3
Hardware Driver Software	1

Produkt

Schneider Electric Modicon M340	59
Schneider Electric Modicon Quantum	45
Schneider Electric Modicon Premium	41
Schneider Electric Modicon M580	41
Schneider Electric U.motion Builder	26

Massnahmen

Official Fix	329
Temporary Fix	0
Workaround	17
Unavailable	3
Not Defined	312

Ausnutzbarkeit

High	2
Functional	0
Proof-of-Concept	11
Unproven	2
Not Defined	646

Zugriffsart

Not Defined	0
Physical	7
Local	79
Adjacent	102
Network	473

Authentisierung

Not Defined	0
High	28
Low	233
None	400

Benutzeraktivität

Not Defined	0
Required	127
None	534

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	6
≤4	53
≤5	58
≤6	117
≤7	192
≤8	124
≤9	76
≤10	35

CVSSv3 Temp

≤1	0
≤2	0
≤3	11
≤4	48
≤5	61
≤6	149
≤7	182
≤8	104
≤9	71
≤10	35

VulDB

≤1	0
≤2	0
≤3	18
≤4	80
≤5	84
≤6	167
≤7	110
≤8	144
≤9	24
≤10	34

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	14
≤6	32
≤7	35
≤8	138
≤9	46
≤10	76

CNA

≤1	0
≤2	0
≤3	0
≤4	1
≤5	4
≤6	17
≤7	25
≤8	41
≤9	25
≤10	22

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	140
<2k	294
<5k	226
<10k	0
<25k	1
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	632
<2k	26
<5k	3
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (332): 140CRA312xxx (1), 66074 MGE Network Management Card (4), AP7xxxx (1), AP8xxx (1), APC Easy UPS Online (7), APDU9xxx (1), ATV IMC Drive Controller (1), AccuSine PCS+ (1), AccuSine PCSn (1), AccuSine PFV+ (1), Accutech Manager (2), Acti9 PowerTag Link C (1), Ampla MES (2), Andover Continuum (4), BMX-NOR-0200H (1), BMXNOR0200 (6), BMXNOR0200H Ethernet-Serial RTU Module (1), BMXNOR0200H Ethernet Serial RTU Module (2), BMxCRA312xx (1), C-Bus Network Automation Controller (2), C-Bus Toolkit (10), C-Gate Server (1), CanBRASS (1), CitectSCADA (4), Citectscada Reports (4), ClearSCADA (9), Clipsal C-Bus Network Automation Controller (2), Clipsal Wiser for C-Bus Automation Controller (2), Conext ComBox (4), Conext ComBox 865-1058 (1), Conext Gateway (1), ConneXium (1), ConneXium Network Manager (1), ConneXium Tofino Firewall (4), ConneXium Tofino OPCLSM (2), Cove (1), Custom Reports (8), Cybersecurity Admin Expert (1), Data Center Expert (4), Device Type Manager (1), EER21000 (6), EER21001 (6), ETG3000 (2), EVlink City (14), EVlink City EVC1S7P4 (7), EVlink City EVC1S22P4 (7), EVlink Parking (14), EVlink Parking EVF2 (7), EVlink Parking EVP2PE (7), EVlink Parking EVW2 (7), EVlink Smart Wallbox (14), EVlink Smart Wallbox EVB1A (7), Easergy Builder Installer (1), Easergy P3 (1), Easergy P5 (5), Easergy P40 (1), Easergy Studio (1), Easergy T200 (4), Easergy T200E (3), Easergy T200H (3), Easergy T200I (3), Easergy T200P (3), Easergy T200S (3), Easergy T300 (18), Easergy T300 RTU (1), Easy UPS Online Monitoring Software (1), EcoStruxure (3), EcoStruxure Building Operation Enterprise Server Installer (1), EcoStruxure Building Operation WebReports (5), EcoStruxure Building Operation WebStation (1), EcoStruxure Control Expert (23), EcoStruxure Cybersecurity Admin Expert (1), EcoStruxure EV Charging Expert (2), EcoStruxure Enterprise Central Installer (1), EcoStruxure Foxboro DCS Control Core Services (2), EcoStruxure Geo SCADA Expert (7), EcoStruxure Geo SCADA Expert 2019 (4), EcoStruxure Geo SCADA Expert 2020 (4), EcoStruxure Geo SCADA Expert 2021 (3), EcoStruxure Hybrid DCS (1), EcoStruxure IT Gateway (2), EcoStruxure Machine Expert (3), EcoStruxure OPC UA Server Expert (1), EcoStruxure Operator Terminal Expert (13), EcoStruxure Power Build Rapsody (2), EcoStruxure Power Commission (4), EcoStruxure Power Design (1), EcoStruxure Power Monitoring Expert (11), EcoStruxure Power Operation (2), EcoStruxure Power SCADA Operation (2), EcoStruxure Pro-face BLUE (6), EcoStruxure Process Expert (13), Enerlin'X Com'X 510 (1), Evlink Charging Station (1), FlexNet Publisher (1), Floating License Manager (1), GP-Pro EX (1), GP-Pro EX WinGP (1), GUIcon (6), Galaxy VL (1), Galaxy VS (1), Geo SCADA Mobile (1), HMI Panel HMIGTO (1), HMI Panel HMIGTU (1), HMI Panel HMIGTUX (1), HMI Panel HMIGXO (1), HMI Panel HMIGXU (1), HMI Panel HMISCU (1), HMI Panel HMISTO (1), HMI Panel HMISTU (1), HMI Panel XBTGH (1), HMI Panel XBTGT (2), Harmony (1), Harmony Control Relay RMNF22TB30 (1), Harmony Timer Relay RENF22R2MMW (1), IGSS Dashboard (9), IGSS Data Server (18), IGSS Definition (22), IGSS Mobile Application (2), IGSS Update Service (1), IMT25 Magnetic Flow DTM (1), ION73XX (2), ION75XX (2), ION76XX (2), ION8650 (4), ION8800 (4), IOS Smart Meter (3), InTouch Machine Edition (2), InduSoft Web Studio (10), InsightFacility (1), InsightHome (1), Interactive Graphical SCADA System (7), Interactive Graphical SCADA System Data Collector (6), Interactive Graphical SCADA System Data Server (8), Kerweb (1), LANDAC II-2 (1), Legacy Modicon Premium (1), Legacy Modicon Quantum (3), Legacy Offers Modicon Quantum (1), Magelis (2), Magelis XBT HMI (1), Magelis iPC (1), Merten KNX Device (1), MiCOM Px4x (1), MiCOM S1 Studio (1), Modbus Serial Driver (2), Modicon 140CRA (5), Modicon BMENOC 0311 (3), Modicon BMENOC 0321 (3), Modicon BMXNOC0401 (2), Modicon BMXNOE0100 (2), Modicon BMXNOE0110 (2), Modicon BMXNOE0110H (2), Modicon BMXNOR0200H (2), Modicon BMXP342020 (2), Modicon BMXP342020H (2), Modicon BMXP342030 (2), Modicon BMXP342030H (2), Modicon BMXP3420302 (2), Modicon BMXP3420302H (2), Modicon BMxCRA (5), Modicon LMC058 (1), Modicon LMC078 (1), Modicon M100 (1), Modicon M200 (1), Modicon M218 Logic Controller (3), Modicon M221 (12), Modicon M241 (5), Modicon M251 (5), Modicon M258 (2), Modicon M340 (59), Modicon M340 BMX (1), Modicon M340 CPU (16), Modicon M340 Communication Module (1), Modicon M340 X80 Ethernet Communication Module (4), Modicon M580 (41), Modicon M580 CPU (11), Modicon M580 CPU Safety (4), Modicon MC80 (7), Modicon Managed Switch MCSESM (1), Modicon Managed Switch MCSESP (1), Modicon Modbus Protocol (1), Modicon Momentum Ethernet CPU (4), Modicon Momentum MDI (2), Modicon Momentum Unity M1E Processor (1), Modicon PLC (3), Modicon PLC Ethernet module (1), Modicon Premium (41), Modicon Premium (2), Modicon Premium CPU (5), Modicon Premium Communication Module (4), ModiconPremium Legacy (1), Modicon Premium Legacy (3), Modicon Premium Processor (3), Modicon Quantum (45), Modicon Quantum 140 NOE771x1 (1), Modicon Quantum CPU (5), Modicon Quantum Communication Module (4), Modicon Quantum PLC (7), Modicon Quantum Plc (2), Modicon Quantum Processor (3), Modicon TM221CE16R (2), Modicon X80 BMXNOR0200H RTU (1), NMC2 AOS (6), NMC3 AOS (6), NetBotz (3), OFS (1), OPC Factory Server (2), OPC UA Modicon Communication Module (7), Opc Factory Server Tlxcdstofs (1), PLC Simulator for EcoStruxure (3), PM5XXX (2), PacDrive Eco (1), PacDrive Pro (1), PacDrive Pro2 (1), Pelco DS-NV (1), Pelco Digital Sentry Video Management System (1), Pelco Endura NET55XX Encoder (1), Pelco Sarix Professional (15), Pelco VideoXpert Enterprise (3), PowerChute Business Edition (1), PowerLogic (2), PowerLogic EGX100 (6), PowerLogic EGX300 (6), PowerLogic HDPM6000 (1), PowerLogic ION73xx (1), PowerLogic ION83xx (4), PowerLogic ION84xx (4), PowerLogic ION85xx (4), PowerLogic ION7400 (4), PowerLogic ION7650 (4), PowerLogic ION7700 (1), PowerLogic ION8600 (4), PowerLogic ION8650 (4), PowerLogic ION8800 (4), PowerLogic ION9000 (4), PowerLogic PM8ECC (4), PowerLogic PM55xx (2), PowerLogic PM800 (3), PowerLogic PM5560 (1), PowerLogic PM8000 (1), Power Monitoring Expert (1), PowerSCADA Anywhere (5), Power SCADA Operation (1), PowerTag (1), Premium CPU (1), Pro-Face GP Pro EX (1), Pro-face BLUE (1), ProClima (7), Programmable Logic Controller (1), Quantum Ethernet Module 140noe77100 (2), Ritto Wiser Door (1), SCADA Expert ClearSCADA (4), SCADAPack 7x Remote Connect (4), SCADAPack 312E (1), SCADAPack 313E (1), SCADAPack 314E (1), SCADAPack 330E (1), SCADAPack 333E (1), SCADAPack 334E (1), SCADAPack 337E (1), SCADAPack 350E (1), SCADAPack 357E (1), SCADAPack RemoteConnect for x70 (6), SCADAPack Workbench (1), SCADAPack x70 Security Administrator (1), SCADA Software (1), SCL (3), SFAPV9601 APC Easy UPS On-Line Software (2), SMC (2), SMT (3), SMTL (2), SMX (3), SRT (1), SmartStruxure (3), Smartlink (1), SoMachine (1), SoMachine Basic (5), SoMachine HVAC (5), SoMove (1), SoMove Software (1), SoSafe Configurable (1), Software Update (3), Software Update SUT Service (1), Software Update Utility (1), SpaceLogic C-Bus Application Controller (2), SpaceLogic C-Bus Home Controller (1), SpaceLogic C-Bus Network Automation Controller (2), Stb Dio Ethernet Module Stbnic2212 (1), StruxureOn Gateway (1), StruxureWare Building Expert MPM (1), StruxureWare Data Center (4), StruxureWare Data Center Expert (11), Struxureware Building Operations Automation Server (1), TCM (1), Tableau Desktop (1), Tableau Server (1), Tburjr900 (1), Telemecanique Driver Pack (1), Telvent Sage (1), Telvent Sage 3030 (1), Touch Panel (2), TriStation (2), TriStation 1131 (1), Triconex Model 3009 MP (5), Triconex TCM 4351B (1), Triconex Tricon MP 3008 (2), Trio E-Series Ethernet Data Radio (2), Trio J-Series Ethernet Data Radio (2), Trio Q-Series Ethernet Data Radio (2), U.motion Builder (26), U.motion Server (8), Unity Pro (4), VAMPSET (3), Vijeo Citect (1), Vijeo Designer (3), Vijeo Designer Basic (3), Wiser Series Gateway (1), Wiser Smart (7), Wiser for C-Bus Automation Controller (2), Wiser for KNX (8), Wonderware ArchestrA Logger (3), Wonderware Historian (1), Wonderware Historian Client (1), Wonderware InTouch (3), Wonderware InTouch Access Anywhere Server (1), Wonderware System Platform (1), X80 Advanced RTU Communication Module (7), ZelioSoft2 (1), fellerLYnk (5), homeLYnk (10), spaceLYnk (15)

Link to Vendor Website: https://www.schneider-electric.com/

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
18.03.2024	6.2	6.1	Schneider Electric Easergy T200 Cross Site Scripting	SCADA Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-2050
18.03.2024	6.4	6.3	Schneider Electric Easergy T200 erweiterte Rechte	SCADA Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-2052
18.03.2024	6.7	6.7	Schneider Electric Easergy T200 Information Disclosure	SCADA Software	Not Defined	Official Fix	0.00043	0.08	CVE-2024-2051
12.03.2024	8.3	8.3	Schneider Electric EcoStruxure Power Design Project File erweiterte Rechte	SCADA Software	Not Defined	Not Defined	0.00065	0.00	CVE-2024-2229
21.02.2024	7.0	6.7	Schneider Electric EcoStruxure IT Gateway schwache Authentisierung	SCADA Software	Not Defined	Official Fix	0.00000	0.00	CVE-2024-0865
21.02.2024	7.8	7.5	Schneider Electric EcoStruxure IT Gateway schwache Authentisierung	SCADA Software	Not Defined	Official Fix	0.00000	0.04	CVE-2024-0865
14.02.2024	8.8	8.6	Schneider Electric Harmony Control Relay RMNF22TB30 NFC schwache Authentisierung	SCADA Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-0568
14.02.2024	6.5	6.4	Schneider Electric EcoStruxure Control Expert Project File schwache Authentisierung	SCADA Software	Not Defined	Official Fix	0.00043	0.02	CVE-2023-6409
14.02.2024	6.2	6.1	Schneider Electric EcoStruxure Control Expert Project File Information Disclosure	SCADA Software	Not Defined	Official Fix	0.00043	0.09	CVE-2023-27975
14.02.2024	8.1	7.9	Schneider Electric Modicon M340 CPU erweiterte Rechte	SCADA Software	Not Defined	Official Fix	0.00043	0.04	CVE-2023-6408
09.01.2024	7.8	7.6	Schneider Electric Easergy Studio erweiterte Rechte	SCADA Software	Not Defined	Official Fix	0.00046	0.04	CVE-2023-7032
14.12.2023	6.2	6.1	Schneider Electric Trio Q-Series Ethernet Data Radio Information Disclosure	SCADA Software	Not Defined	Official Fix	0.00046	0.02	CVE-2023-5630
14.12.2023	6.2	6.1	Schneider Electric Trio Q-Series Ethernet Data Radio Redirect	SCADA Software	Not Defined	Official Fix	0.00046	0.00	CVE-2023-5629
12.12.2023	5.9	5.8	Schneider Electric Easy UPS Online Monitoring Software Directory Traversal	SCADA Software	Not Defined	Official Fix	0.00093	0.02	CVE-2023-6407
15.11.2023	5.3	5.2	Schneider Electric Galaxy VS/Galaxy VL Network Management Card Directory Traversal	SCADA Software	Not Defined	Official Fix	0.00047	0.00	CVE-2023-6032
15.11.2023	6.2	6.1	Schneider Electric EcoStruxure Power Monitoring Expert Redirect	SCADA Software	Not Defined	Official Fix	0.00046	0.00	CVE-2023-5986
15.11.2023	5.2	5.1	Schneider Electric EcoStruxure Power Monitoring Expert Cross Site Scripting	SCADA Software	Not Defined	Official Fix	0.00046	0.00	CVE-2023-5987
15.11.2023	3.6	3.5	Schneider Electric ION8650/ION8800 Cross Site Scripting	SCADA Software	Not Defined	Official Fix	0.00045	0.00	CVE-2023-5985
15.11.2023	6.4	6.3	Schneider Electric ION8650/ION8800 Firmware Update Information Disclosure	SCADA Software	Not Defined	Official Fix	0.00046	0.02	CVE-2023-5984
05.10.2023	9.8	9.6	Schneider Electric C-Bus Toolkit Directory Traversal	SCADA Software	Not Defined	Official Fix	0.00176	0.03	CVE-2023-5399
05.10.2023	9.8	9.6	Schneider Electric EcoStruxure Power Monitoring Expert Packet erweiterte Rechte	SCADA Software	Not Defined	Official Fix	0.00157	0.00	CVE-2023-5391
04.10.2023	8.8	8.6	Schneider Electric C-Bus Toolkit erweiterte Rechte	SCADA Software	Not Defined	Official Fix	0.00196	0.04	CVE-2023-5402
14.09.2023	7.8	7.6	Schneider Electric IGSS Update Service Update Source schwache Authentisierung	SCADA Software	Not Defined	Official Fix	0.00045	0.02	CVE-2023-4516
09.08.2023	5.3	5.2	Schneider Electric GP-Pro EX WinGP Log File Pufferüberlauf	SCADA Software	Not Defined	Official Fix	0.00044	0.00	CVE-2023-3953
12.07.2023	7.8	7.6	Schneider Electric Accutech Manager Pufferüberlauf	SCADA Software	Not Defined	Official Fix	0.00045	0.00	CVE-2023-29414

636 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 636 results.

◂ ZurückÜbersichtWeiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!