Schneider-electric Ecostruxure Machine Expert — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Ecostruxure Machine Expert, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-7487 — CVSS 9.8 (critical): A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on…
CVE-2020-7489 — CVSS 9.8 (critical): A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on…
CVE-2021-22704 — CVSS 9.1 (critical): A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo…
CVE-2021-22705 — CVSS 7.8 (high): Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or…
CVE-2020-7488 — CVSS 7.5 (high): A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between…