Schneider Electric
Cryptographic deadly sins and the security of Modicon M100/M200/M221
28 January 2021
Weak implementation of cryptographic data protection allows various types of attacks and enables attackers to identify the key in captured traffic
From buffer overflow to switchboard setup errors: vulnerabilities in building operation software by Schneider Electric
27 January 2021
Vulnerabilities in Schneider Electric’s low-voltage distribution system configuration software could enable attackers to upload arbitrary files defining electrical system parameters
Twentieth for Ripple20: Vulnerability in embedded web server of I/O expansion modules for IoT
26 January 2021
Sсhneider Electric has published an advisory on a critical vulnerability in the web server used in TM3 I/O expansion modules
Critical vulnerability in Schneider Electric HMI configuration software
26 January 2021
The vulnerability could cause a Windows local user privilege escalation when using EcoStruxure™ Operator Terminal Expert and Pro-face BLUE software and WinGP runtime environment by Schneider Electric.
Multiple vulnerabilities in Modicon controllers
19 December 2019
If exploited, the vulnerabilities could result in denial of service. They can be fixed by updating device firmware
Dangerous vulnerability in the IGSS system
16 July 2019
The vulnerability could allow an attacker to force the software to crash or to execute arbitrary code
Multiple vulnerabilities in Schneider Electric Floating License Manager
16 July 2019
In addition to Schneider Electric, security issues affect products from AVEVA Vijeo Citect and Citect SCADA
New vulnerability in Schneider Electric Modicon PLCs
09 July 2019
The vulnerability is due to an improper check for unusual or exceptional conditions and could lead to denial of service
Vulnerabilities in Schneider Electric industrial solutions
15 January 2019
Critical and severe vulnerabilities have been identified in GP-Pro EX programming environment, Zelio Soft software and IIoT Monitor platform
Critical vulnerability in Modicon M221 PLC
23 November 2018
A critical vulnerability in Modicon M221 PLC could allow attackers to intercept traffic by remotely changing IPv4 parameters