Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Schneider ELectric — Vulnerabilities & Security Advisories 287

Browse all 287 CVE security advisories affecting Schneider ELectric. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Schneider Electric operates as a global specialist in energy management and industrial automation, providing critical infrastructure solutions for data centers, buildings, and manufacturing facilities. Its extensive product portfolio, including programmable logic controllers and supervisory control and data acquisition systems, has historically been associated with a significant volume of vulnerabilities, currently totaling 287 Common Vulnerabilities and Exposures. These security flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from legacy protocols or default configurations in industrial control interfaces. While the company has implemented various security patches and guidelines, the sheer scale of its connected ecosystem presents persistent attack surfaces. Notable incidents have highlighted risks in unpatched firmware and weak authentication mechanisms within its EcoStruxure platform, underscoring the critical need for rigorous network segmentation and continuous monitoring to mitigate potential disruptions to essential operational technology environments.

Top products by Schneider ELectric: StruxureWare Data Center Expert PowerChute™ Serial Shutdown IGSS Data Server (IGSSdataServer.exe) IGSS Data Server(IGSSdataServer.exe) EcoStruxure Control Expert Modicon M340 CPU (part numbers BMXP34*) OPC UA Modicon Communication Module Modicon Controllers M241/M251 Sage 1410 EcoStruxure Operator Terminal Expert EcoStruxure™ IT Data Center Expert Data Center Expert EcoStruxure™ Power Monitoring Expert (PME) Wiser Smart Wonderware Information Server Portal ClearSCADA ASCO 5310 Single-Channel Remote Annunciator APC Easy UPS Online Monitoring Software EVLink WallBox EcoStruxure Power Commission Easergy P5 StruxureWare Data Center Expert EcoStruxure Foxboro DCS Core Control Services Enerlin’X IFE interface (LV434001) Trio Q Licensed Data Radio Conext™ ComBox C-Bus Toolkit Easergy Studio NetBotz 4 - 355/450/455/550/570 APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)
CVE IDTitleCVSSSeverityPublished
CVE-2022-34754 Schneider Electric Acti9 PowerTag Link C 安全漏洞 — Acti9 PowerTag Link CCWE-269 6.8 Medium2022-07-13
CVE-2022-34753 Schneider Electric SpaceLogic C-Bus Home Controller 操作系统命令注入漏洞 — SpaceLogic C-Bus Home ControllerCWE-78 8.8 High2022-07-13
CVE-2022-32530 Schneider Electric Geo SCADA Mobile 安全漏洞 — Geo SCADA MobileCWE-668 4.8 Medium2022-06-24
CVE-2022-30238 Schneider Electric Wiser Smart 授权问题漏洞 — Wiser SmartCWE-287 8.3 High2022-06-02
CVE-2022-30237 Schneider Electric Wiser Smart 安全漏洞 — Wiser SmartCWE-311 8.2 High2022-06-02
CVE-2022-30236 Schneider Electric Wiser Smart 安全漏洞 — Wiser SmartCWE-669 8.2 High2022-06-02
CVE-2022-30235 Schneider Electric PowerLogic ION Setup 安全漏洞 — Wiser SmartCWE-307 8.6 High2022-06-02
CVE-2022-30234 Schneider Electric PowerLogic ION Setup 信任管理问题漏洞 — Wiser SmartCWE-798 9.4 Critical2022-06-02
CVE-2022-30233 Schneider Electric PowerLogic ION Setup 输入验证错误漏洞 — Wiser SmartCWE-20 6.5 Medium2022-06-02
CVE-2022-30232 Schneider Electric PowerLogic ION Setup 输入验证错误漏洞 — Power Logic ION SetupCWE-20 8.0 High2022-06-02
CVE-2022-0221 Schneider Electric SCADAPack 代码问题漏洞 — SCADAPack WorkbenchCWE-611 5.5 Medium2022-03-28
CVE-2021-22797 Schneider Electric EcoStruxure Control Expert 路径遍历漏洞 — EcoStruxure Control ExpertCWE-22 7.8 High2022-03-28
CVE-2021-22795 Schneider Electric StruxureWare Data Center Expert 操作系统命令注入漏洞 — StruxureWare Data Center ExpertCWE-78 9.1 Critical2022-03-28
CVE-2021-22794 Schneider Electric StruxureWare Data Center Expert 路径遍历漏洞 — StruxureWare Data Center ExpertCWE-22 9.1 Critical2022-03-28
CVE-2019-6834 Schneider Electric Software Update 代码问题漏洞 — Software Update (SESU) – SUT Service componentCWE-502 7.3 High2022-03-28
CVE-2022-24323 Schneider Electric EcoStruxure Control Expert和Schneider Electric EcoStruxure Process Exper 代码问题漏洞 — EcoStruxure Process ExpertCWE-754 5.3 Medium2022-03-09
CVE-2022-24322 Schneider Electric EcoStruxure Control Experta 缓冲区错误漏洞 — EcoStruxure Control ExpertCWE-119 5.3 Medium2022-03-09
CVE-2021-22783 Schneider Electric Ritto Wiser Door 安全漏洞 — Ritto Wiser DoorCWE-200 8.8 High2022-03-09
CVE-2022-22806 Schneider Electric 多款产品授权问题漏洞 — SmartConnectCWE-294 9.8 -2022-03-09
CVE-2022-22805 Schneider Electric 多款产品缓冲区错误漏洞 — SmartConnectCWE-120 9.8 -2022-03-09
CVE-2022-0715 多款Schneider Electric产品数据伪造问题漏洞 — APC Smart-UPSCWE-287 9.1 -2022-03-09
CVE-2022-22722 Schneider Electric Easergy P5 信任管理问题漏洞 — Easergy P5CWE-798 7.4 -2022-02-04
CVE-2021-22716 Schneider Electric C-Bus Toolkit 权限许可和访问控制问题漏洞 — C-Bus ToolkitCWE-732 7.8 High2021-04-13
CVE-2019-6852 多款Schneider Electric产品信息泄露漏洞 — Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)CWE-200 7.5 -2019-11-20
CVE-2019-6853 Schneider Electric Andover Continuum 跨站脚本漏洞 — Andover Continuum models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702CWE-79 6.1 -2019-11-20
CVE-2015-1014 Schneider Electric OPC Factory Server 安全漏洞 — OFS v3.5CWE-427 7.8 -2019-03-25
CVE-2018-7522 Schneider Electric Triconex Tricon MP 3008 安全漏洞 — Triconex TriconCWE-119 9.8 -2018-05-04
CVE-2018-8872 Schneider Electric Triconex Tricon MP 3008 安全漏洞 — Triconex TriconCWE-119 8.1 -2018-05-04
CVE-2014-9200 Schneider Electric Device Type Managers (DTMs) Stack-based Buffer Overflow — Unity ProCWE-121 7.8 -2015-02-01
CVE-2014-9197 Schneider Electric ETG3000 FactoryCast HMI Gateway Missing Authentication for Critical Function — ETG3000 FactoryCast HMI GatewayCWE-306 5.3 -2015-01-27

This page lists every published CVE security advisory associated with Schneider ELectric. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.