Home / Posts with tag "Schneider Electric"

Schneider Electric

Cryptographic deadly sins and the security of Modicon M100/M200/M221

28 January 2021

Weak implementation of cryptographic data protection allows various types of attacks and enables attackers to identify the key in captured traffic
From buffer overflow to switchboard setup errors: vulnerabilities in building operation software by Schneider Electric

27 January 2021

Vulnerabilities in Schneider Electric’s low-voltage distribution system configuration software could enable attackers to upload arbitrary files defining electrical system parameters
Twentieth for Ripple20: Vulnerability in embedded web server of I/O expansion modules for IoT

26 January 2021

Sсhneider Electric has published an advisory on a critical vulnerability in the web server used in TM3 I/O expansion modules
Critical vulnerability in Schneider Electric HMI configuration software

26 January 2021

The vulnerability could cause a Windows local user privilege escalation when using EcoStruxure™ Operator Terminal Expert and Pro-face BLUE software and WinGP runtime environment by Schneider Electric.
Multiple vulnerabilities in Modicon controllers

19 December 2019

If exploited, the vulnerabilities could result in denial of service. They can be fixed by updating device firmware
Dangerous vulnerability in the IGSS system

16 July 2019

The vulnerability could allow an attacker to force the software to crash or to execute arbitrary code
Multiple vulnerabilities in Schneider Electric Floating License Manager

16 July 2019

In addition to Schneider Electric, security issues affect products from AVEVA Vijeo Citect and Citect SCADA
New vulnerability in Schneider Electric Modicon PLCs

09 July 2019

The vulnerability is due to an improper check for unusual or exceptional conditions and could lead to denial of service
Vulnerabilities in Schneider Electric industrial solutions

15 January 2019

Critical and severe vulnerabilities have been identified in GP-Pro EX programming environment, Zelio Soft software and IIoT Monitor platform
Critical vulnerability in Modicon M221 PLC

23 November 2018

A critical vulnerability in Modicon M221 PLC could allow attackers to intercept traffic by remotely changing IPv4 parameters