Schneider-electric Remoteconnect — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Remoteconnect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-26507 — CVSS 9.8 (critical): A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote…
CVE-2021-22779 — CVSS 9.1 (critical): Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all…
CVE-2021-22797 — CVSS 7.8 (high): A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal) vulnerability exists that could cause malicious…
CVE-2021-22780 — CVSS 7.1 (high): Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all…
CVE-2021-22778 — CVSS 7.1 (high): Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all…
CVE-2021-22781 — CVSS 5.5 (medium): Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all…
CVE-2021-22782 — CVSS 5.5 (medium): Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all…