Schneider-electric Remoteconnect
7 CVEs affecting Schneider-electric Remoteconnect. Latest disclosed: 2022-04-14. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-26507 | Critical | 9.8 | 2022-04-14 | A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This i… |
CVE-2021-22779 | Critical | 9.1 | 2021-07-14 | Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), Ec… |
CVE-2021-22797 | High | 7.8 | 2022-04-13 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal) vulnerability exists that could cause malicious script to be deployed i… |
CVE-2021-22780 | High | 7.1 | 2021-07-14 | Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro)… |
CVE-2021-22778 | High | 7.1 | 2021-07-14 | Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro)… |
CVE-2021-22782 | Medium | 5.5 | 2021-07-14 | Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro)… |
CVE-2021-22781 | Medium | 5.5 | 2021-07-14 | Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro)… |