Schneider Electric

Schneider Electric has fixed a vulnerability in SESU software

08 November 2018

The vulnerability affects the Schneider Electric Software Update (SESU) tool, which is used to notify users when updated Schneider Electric software is available
Schneider Electric products shipped with infected USB media

12 September 2018

USB media infected with malware were shipped with Conext ComBox and Conext Battery Monitor products
Vulnerabilities in Schneider Electric industrial devices

31 August 2018

New vulnerabilities have been identified in Schneider Electric PM5560 power meter and Modicon M221 logic controller
Multiple vulnerabilities in U.motion Builder

13 June 2018

Multiple remote code execution vulnerabilities have been corrected in Schneider Electric’s U.motion Builder. Fixes for the vulnerabilities have been included in version 1.3.4 of the solution
Multiple vulnerabilities in Schneider Electric Floating License Manager

29 May 2018

Dangerous vulnerabilities have been identified in the Schneider Electric Floating License Manager platform. Exploiting these vulnerabilities enables remote attackers to cause denial-of-service conditions, execute arbitrary code with system level privileges on the target system and redirect users to arbitrary websites for phishing attacks. The security issues identified are associated with three vulnerabilities in Flexera Publisher...
Critical vulnerabilities in Schneider Electric industrial solutions

19 April 2018

Critical vulnerabilities have been identified in SCADA/HMI solutions InduSoft Web Studio and InTouch Machine Edition, and in the Triconex Tricon model 3008 Safety Instrumented System
Multiple vulnerabilities closed in U.motion Builder building automation solution

11 April 2018

Schneider Electric has closed multiple vulnerabilities in U.motion Builder – a total of 16 vulnerabilities with different severity levels (CVSS v.3 base score of 4.3 to 10)
Multiple vulnerabilities identified in the Modicon family of industrial controllers

29 March 2018

US CERT has published an advisory on vulnerabilities in the Modicon family of industrial controllers by Schneider Electric. Successful exploitation of these vulnerabilities could provide remote unauthorized attackers with access to the file transfer service on vulnerable devices, enabling them to execute arbitrary code or install malicious firmware. The vulnerabilities identified affect the following Modicon...
Schneider Electric Closes Critical Vulnerability in HMI Products

16 November 2017

Schneider Electric has released patches for a vulnerability which affects InduSoft Web Studio and HMI InTouch Machine Edition products