Filtered by vendor Schneider Electric Subscriptions
Total 9 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-5681 2 Schneider-electric, Schneider Electric 2 Ecostruxure Foxboro Dcs Control Core Services, Ecostruxure Foxboro Dcs Core Control Services 2025-08-27 7.8 High
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
CVE-2014-9188 1 Schneider Electric 1 Proclima 2025-07-24 N/A
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on details provided by researchers.
CVE-2017-5157 2 Schneider-electric, Schneider Electric 2 Homelynk Controller Lss100100, Homelynk Controller Lss100100 Firmware 2025-04-20 N/A
An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. The homeLYnk controller is susceptible to a cross-site scripting attack. User inputs can be manipulated to cause execution of JavaScript code.
CVE-2013-0662 2 Schneider-electric, Schneider Electric 13 Concept, Modbus Serial Driver, Modbuscommdtm Sl and 10 more 2025-04-12 N/A
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
CVE-2014-8513 1 Schneider Electric 1 Proclima 2025-04-12 N/A
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8514 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers.
CVE-2014-8514 1 Schneider Electric 1 Proclima 2025-04-12 N/A
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers.
CVE-2014-8512 1 Schneider Electric 1 Proclima 2025-04-12 N/A
Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8511. NOTE: this may be clarified later based on details provided by researchers.
CVE-2024-9005 1 Schneider Electric 1 Ecostruxure Power Monitoring Expert 2025-03-25 N/A
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server.
CVE-2024-8884 1 Schneider Electric 1 System Monitor Application In Harmony Industrial Pc Hmibmo Hmibmi Hmipso Hmibmp Hmibmu Hmipsp Hmipep Series 2024-10-10 9.8 Critical
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause exposure of credentials when attacker has access to application on network over http