Schneider-electric Pro-face Blue — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Pro-face Blue, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2020-28221 — CVSS 9.8 (critical): A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in…
CVE-2023-1049 — CVSS 7.8 (high): A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause execution of malicious code when…
CVE-2022-41667 — CVSS 7.0 (high): A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that allows adversaries with…
CVE-2022-41668 — CVSS 7.0 (high): A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local user privileges to load a project file from…
CVE-2022-41669 — CVSS 7.0 (high): A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with…
CVE-2022-41670 — CVSS 7.0 (high): A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in the SGIUtility component…
CVE-2022-41671 — CVSS 7.0 (high): A CWE-89: Improper Neutralization of Special Elements used in SQL Command (‘SQL Injection’) vulnerability exists that allows…
CVE-2022-41666 — CVSS 7.0 (high): A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that allows adversaries with local user privileges to load…