Schneider-electric Unity Pro — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Unity Pro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2020-7475 — CVSS 9.8 (critical): A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability…
CVE-2013-0662 — CVSS 9.3 (critical): Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers…
CVE-2020-7560 — CVSS 8.6 (high): A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of…
CVE-2014-9200 — CVSS 7.5 (high): Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove…
CVE-2019-6855 — CVSS 7.3 (high): Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions)…
CVE-2011-3330 — CVSS 7.2 (high): Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34…
CVE-2016-8354 — CVSS 7.0 (high): An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto…