Schneider Electric

Multiple vulnerabilities in Schneider Electric Floating License Manager

29 May 2018

Dangerous vulnerabilities have been identified in the Schneider Electric Floating License Manager platform. Exploiting these vulnerabilities enables remote attackers to cause denial-of-service conditions, execute arbitrary code with system level privileges on the target system and redirect users to arbitrary websites for phishing attacks. The security issues identified are associated with three vulnerabilities in Flexera Publisher...
Critical vulnerabilities in Schneider Electric industrial solutions

19 April 2018

Critical vulnerabilities have been identified in SCADA/HMI solutions InduSoft Web Studio and InTouch Machine Edition, and in the Triconex Tricon model 3008 Safety Instrumented System
Multiple vulnerabilities closed in U.motion Builder building automation solution

11 April 2018

Schneider Electric has closed multiple vulnerabilities in U.motion Builder – a total of 16 vulnerabilities with different severity levels (CVSS v.3 base score of 4.3 to 10)
Multiple vulnerabilities identified in the Modicon family of industrial controllers

29 March 2018

US CERT has published an advisory on vulnerabilities in the Modicon family of industrial controllers by Schneider Electric. Successful exploitation of these vulnerabilities could provide remote unauthorized attackers with access to the file transfer service on vulnerable devices, enabling them to execute arbitrary code or install malicious firmware. The vulnerabilities identified affect the following Modicon...
Schneider Electric Closes Critical Vulnerability in HMI Products

16 November 2017

Schneider Electric has released patches for a vulnerability which affects InduSoft Web Studio and HMI InTouch Machine Edition products