Schneider-electric Vijeo Designer — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Vijeo Designer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-22704 — CVSS 9.1 (critical): A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo…
CVE-2020-7501 — CVSS 8.8 (high): A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2…
CVE-2020-7490 — CVSS 7.8 (high): A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and…
CVE-2021-22705 — CVSS 7.8 (high): Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or…
CVE-2021-22817 — CVSS 7.8 (high): A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory…
CVE-2024-8306 — CVSS 7.8 (high): CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and…