Schneider-electric Remoteconnect

7 CVEs affecting Schneider-electric Remoteconnect. Latest disclosed: 2022-04-14. Critical: 2, High: 3.

Top CVEs affecting Schneider-electric Remoteconnect
CVESeverityScorePublishedSummary
CVE-2022-26507Critical9.82022-04-14A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This i…
CVE-2021-22779Critical9.12021-07-14Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), Ec…
CVE-2021-22797High7.82022-04-13A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal) vulnerability exists that could cause malicious script to be deployed i…
CVE-2021-22780High7.12021-07-14Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro)…
CVE-2021-22778High7.12021-07-14Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro)…
CVE-2021-22782Medium5.52021-07-14Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro)…
CVE-2021-22781Medium5.52021-07-14Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro)…