Ecostruxure Machine Expert CVE Vulnerabilities

By Schneider-Electric2 known vulnerabilities

Critical
1
High
1
Medium
0
Low
0
None
0

All Ecostruxure Machine Expert CVEs

Recent Highest Score Oldest
CVE-2020-7489
9.8 critical

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, cou

Apr 22, 2020
CVE-2020-7488
7.5 high

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.

Apr 22, 2020