Schneider-electric Clearscada — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Clearscada, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2019-6854 — CVSS 7.8 (high): A CWE-287: Improper Authentication vulnerability exists in a folder within EcoStruxure Geo SCADA Expert (ClearSCADA) -with initial releases…
CVE-2022-24321 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause Denial of Service against the Geo…
CVE-2022-24318 — CVSS 7.5 (high): A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted communication with the server when outdated…
CVE-2017-6021 — CVSS 7.5 (high): In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, 2014 R1.1 (build 75.5387) and prior, 2015 R1 (build 76.5648) and prior…
CVE-2021-22741 — CVSS 6.7 (medium): Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA (all versions), EcoStruxure Geo SCADA Expert…
CVE-2022-24319 — CVSS 5.9 (medium): A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the…
CVE-2022-24320 — CVSS 5.9 (medium): A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the…
CVE-2023-0595 — CVSS 5.3 (medium): A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious…