Schneider-electric : Security Vulnerabilities, CVEs, Published In 2020 (Code Execution)
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.10%
Published
2020-05-14
Updated
2022-01-31
A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.
Max CVSS
8.8
EPSS Score
0.24%
Published
2020-11-19
Updated
2022-01-31
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.33%
Published
2020-11-19
Updated
2021-02-01
A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.33%
Published
2020-11-19
Updated
2021-02-01
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.33%
Published
2020-11-19
Updated
2021-02-01
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.33%
Published
2020-11-19
Updated
2021-01-30
A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.33%
Published
2020-11-19
Updated
2021-02-01
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.33%
Published
2020-11-19
Updated
2021-03-15
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.23%
Published
2020-11-19
Updated
2022-01-01
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.23%
Published
2020-11-19
Updated
2022-01-01
A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Max CVSS
7.8
EPSS Score
0.33%
Published
2020-11-19
Updated
2021-02-01
A CWE-494 Download of Code Without Integrity Check vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to inject data with dangerous content into the firmware and execute arbitrary code on the system.
Max CVSS
9.0
EPSS Score
0.11%
Published
2020-06-16
Updated
2020-06-17
12 vulnerabilities found