Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Schneider ELectric — Vulnerabilities & Security Advisories 287

Browse all 287 CVE security advisories affecting Schneider ELectric. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Schneider Electric operates as a global specialist in energy management and industrial automation, providing critical infrastructure solutions for data centers, buildings, and manufacturing facilities. Its extensive product portfolio, including programmable logic controllers and supervisory control and data acquisition systems, has historically been associated with a significant volume of vulnerabilities, currently totaling 287 Common Vulnerabilities and Exposures. These security flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from legacy protocols or default configurations in industrial control interfaces. While the company has implemented various security patches and guidelines, the sheer scale of its connected ecosystem presents persistent attack surfaces. Notable incidents have highlighted risks in unpatched firmware and weak authentication mechanisms within its EcoStruxure platform, underscoring the critical need for rigorous network segmentation and continuous monitoring to mitigate potential disruptions to essential operational technology environments.

Top products by Schneider ELectric: StruxureWare Data Center Expert PowerChute™ Serial Shutdown IGSS Data Server (IGSSdataServer.exe) IGSS Data Server(IGSSdataServer.exe) EcoStruxure Control Expert Modicon M340 CPU (part numbers BMXP34*) OPC UA Modicon Communication Module Modicon Controllers M241/M251 Sage 1410 EcoStruxure Operator Terminal Expert EcoStruxure™ IT Data Center Expert Data Center Expert EcoStruxure™ Power Monitoring Expert (PME) Wiser Smart Wonderware Information Server Portal ClearSCADA ASCO 5310 Single-Channel Remote Annunciator APC Easy UPS Online Monitoring Software EVLink WallBox EcoStruxure Power Commission Easergy P5 StruxureWare Data Center Expert EcoStruxure Foxboro DCS Core Control Services Enerlin’X IFE interface (LV434001) Trio Q Licensed Data Radio Conext™ ComBox C-Bus Toolkit Easergy Studio NetBotz 4 - 355/450/455/550/570 APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)
CVE IDTitleCVSSSeverityPublished
CVE-2023-2161 Schneider Electric OPC Factory Server 代码问题漏洞 — OPC Factory Server (OFS)CWE-611 5.0 Medium2023-05-16
CVE-2023-25620 Schneider Electric Modicon M580 代码问题漏洞 — Modicon M340 CPU (part numbers BMXP34*) CWE-754 6.5 Medium2023-04-19
CVE-2023-25619 Schneider Electric Modbus Serial Driver 代码问题漏洞 — Modicon M340 CPU (part numbers BMXP34*) CWE-754 7.5 High2023-04-19
CVE-2023-28004 Schneider Electric PowerLogic 输入验证错误漏洞 — PowerLogic HDPM6000CWE-129 9.8 Critical2023-04-18
CVE-2023-29410 Schneider Electric Conext Gateway 输入验证错误漏洞 — InsightHomeCWE-20 7.2 High2023-04-18
CVE-2023-29413 Schneider Electric Easy UPS Online Monitoring Software 访问控制错误漏洞 — APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)CWE-306 7.5 High2023-04-18
CVE-2023-29412 Schneider Electric Easy UPS Online Monitoring Software 操作系统命令注入漏洞 — APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)CWE-78 9.8 Critical2023-04-18
CVE-2023-29411 Schneider Electric Easy UPS Online Monitoring Software 访问控制错误漏洞 — APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)CWE-306 9.8 Critical2023-04-18
CVE-2023-28003 Schneider Electric EcoStruxure Power Monitoring Expert 代码问题漏洞 — EcoStruxure Power Monitoring ExpertCWE-613 6.7 Medium2023-04-18
CVE-2023-25555 Schneider Electric StruxureWare Data Center Expert 操作系统命令注入漏洞 — StruxureWare Data Center ExpertCWE-78 5.6 Medium2023-04-18
CVE-2023-25553 Schneider Electric StruxureWare Data Center Expert 跨站脚本漏洞 — StruxureWare Data Center ExpertCWE-79 6.1 Medium2023-04-18
CVE-2023-25551 Schneider Electric StruxureWare Data Center Expert 跨站脚本漏洞 — StruxureWare Data Center ExpertCWE-79 6.1 Medium2023-04-18
CVE-2023-25550 Schneider Electric StruxureWare Data Center Expert 代码注入漏洞 — StruxureWare Data Center ExpertCWE-94 7.2 High2023-04-18
CVE-2023-25549 Schneider Electric StruxureWare Data Center Expert 代码注入漏洞 — StruxureWare Data Center ExpertCWE-94 7.2 High2023-04-18
CVE-2023-25554 Schneider Electric StruxureWare Data Center Expert 操作系统命令注入漏洞 — StruxureWare Data Center ExpertCWE-78 7.8 High2023-04-18
CVE-2023-25552 Schneider Electric StruxureWare Data Center Expert 安全漏洞 — StruxureWare Data Center ExpertCWE-862 8.1 High2023-04-18
CVE-2023-25548 Schneider Electric StruxureWare Data Center Expert 安全漏洞 — StruxureWare Data Center ExpertCWE-863 8.8 High2023-04-18
CVE-2023-25547 Schneider Electric StruxureWare Data Center Expert 安全漏洞 — StruxureWare Data Center ExpertCWE-863 8.8 High2023-04-18
CVE-2022-43378 Schneider Electric NetBotz 安全漏洞 — NetBotz 4 - 355/450/455/550/570CWE-1021 6.5 Medium2023-04-18
CVE-2022-43377 Schneider Electric NetBotz 安全漏洞 — NetBotz 4 - 355/450/455/550/570CWE-307 7.5 High2023-04-18
CVE-2022-43376 Schneider Electric NetBotz 跨站脚本漏洞 — NetBotz 4 - 355/450/455/550/570CWE-79 7.6 High2023-04-18
CVE-2022-34755 Schneider Electric Easergy Builder 代码问题漏洞 — Easergy Builder InstallerCWE-427 6.3 Medium2023-04-18
CVE-2023-25556 Schneider Electric StruxureWare Data Center Expert 授权问题漏洞 — Merten INSTABUS Tastermodul 1fach System M 625199CWE-287 8.3 High2023-04-18
CVE-2023-1548 Schneider Electric EcoStruxure Control Expert 安全漏洞 — EcoStruxure Control ExpertCWE-269 5.5 Medium2023-04-18
CVE-2023-27976 Schneider Electric EcoStruxure Control Expert 安全漏洞 — EcoStruxure Control ExpertCWE-668 8.8 High2023-04-18
CVE-2023-27977 Schneider Electric IGSS Data Server 数据伪造问题漏洞 — IGSS Data Server(IGSSdataServer.exe)CWE-345 6.5 Medium2023-03-21
CVE-2023-27978 Schneider Electric IGSS Data Server代码问题漏洞 — IGSS Data Server(IGSSdataServer.exe)CWE-502 7.8 High2023-03-21
CVE-2023-27979 Schneider Electric IGSS Data Server 数据伪造问题漏洞 — IGSS Data Server(IGSSdataServer.exe)CWE-345 6.5 Medium2023-03-21
CVE-2023-27980 Schneider Electric IGSS Data Server 访问控制错误漏洞 — IGSS Data Server(IGSSdataServer.exe)CWE-306 8.8 High2023-03-21
CVE-2023-27981 Schneider Electric IGSS Data Server 路径遍历漏洞 — IGSS Data Server(IGSSdataServer.exe)CWE-22 7.8 High2023-03-21

This page lists every published CVE security advisory associated with Schneider ELectric. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.