Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Schneider Electric — Vulnerabilities & Security Advisories 287

Browse all 287 CVE security advisories affecting Schneider Electric. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Schneider Electric operates as a global specialist in energy management and industrial automation, providing critical infrastructure solutions for data centers, buildings, and manufacturing facilities. Its extensive product portfolio, including programmable logic controllers and supervisory control and data acquisition systems, has historically been associated with a significant volume of vulnerabilities, currently totaling 287 Common Vulnerabilities and Exposures. These security flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from legacy protocols or default configurations in industrial control interfaces. While the company has implemented various security patches and guidelines, the sheer scale of its connected ecosystem presents persistent attack surfaces. Notable incidents have highlighted risks in unpatched firmware and weak authentication mechanisms within its EcoStruxure platform, underscoring the critical need for rigorous network segmentation and continuous monitoring to mitigate potential disruptions to essential operational technology environments.

Top products by Schneider Electric: StruxureWare Data Center Expert PowerChute™ Serial Shutdown IGSS Data Server (IGSSdataServer.exe) IGSS Data Server(IGSSdataServer.exe) EcoStruxure Control Expert Modicon M340 CPU (part numbers BMXP34*) OPC UA Modicon Communication Module Modicon Controllers M241/M251 Sage 1410 EcoStruxure Operator Terminal Expert EcoStruxure™ IT Data Center Expert Data Center Expert EcoStruxure™ Power Monitoring Expert (PME) Wiser Smart Wonderware Information Server Portal ClearSCADA ASCO 5310 Single-Channel Remote Annunciator APC Easy UPS Online Monitoring Software EVLink WallBox EcoStruxure Power Commission Easergy P5 StruxureWare Data Center Expert EcoStruxure Foxboro DCS Core Control Services Enerlin’X IFE interface (LV434001) Trio Q Licensed Data Radio Conext™ ComBox C-Bus Toolkit Easergy Studio NetBotz 4 - 355/450/455/550/570 APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)
CVE IDTitleCVSSSeverityPublished
CVE-2025-0814 Schneider Electric Enerlin 输入验证错误漏洞 — Enerlin’X IFE interface (LV434001)CWE-20 5.3 Medium2025-02-13
CVE-2025-0815 Schneider Electric Enerlin 输入验证错误漏洞 — Enerlin’X IFE interface (LV434001)CWE-20 6.5 Medium2025-02-13
CVE-2025-0816 Schneider Electric Enerlin 输入验证错误漏洞 — Enerlin’X IFE interface (LV434001)CWE-20 6.5 Medium2025-02-13
CVE-2025-0327 Schneider Electric EcoStruxure Process Expert 安全漏洞 — EcoStruxure Process ExpertCWE-269 7.8 High2025-02-13
CVE-2025-1070 Schneider Electric ASCO 5310和ASCO 5350 代码问题漏洞 — ASCO 5310 Single-Channel Remote AnnunciatorCWE-434 8.1 High2025-02-13
CVE-2025-1060 Schneider Electric ASCO 5310和ASCO 5350 安全漏洞 — ASCO 5310 Single-Channel Remote AnnunciatorCWE-319 7.5 High2025-02-13
CVE-2025-1059 Schneider Electric ASCO 5310 安全漏洞 — ASCO 5310 Single-Channel Remote AnnunciatorCWE-770 7.5 High2025-02-13
CVE-2025-1058 Schneider Electric ASCO 5310和ASCO 5350 安全漏洞 — ASCO 5310 Single-Channel Remote AnnunciatorCWE-494 8.1 High2025-02-13
CVE-2024-10083 Schneider Electric EcoStruxure Control Expert、EcoStruxure Process Expert和OPC Factory Server 输入验证错误漏洞 — Uni-Telway driverCWE-20 5.5 Medium2025-02-13
CVE-2024-8401 Schneider Electric EcoStruxure Power Monitoring Expert 跨站脚本漏洞 — EcoStruxure Power Monitoring Expert (PME) 2021CWE-79 5.4 Medium2025-01-28
CVE-2024-10498 Schneider Electric PowerLogic HDPM6000 缓冲区错误漏洞 — PowerLogic HDPM6000CWE-119 6.5 Medium2025-01-17
CVE-2024-10497 Schneider Electric PowerLogic HDPM6000 安全漏洞 — PowerLogic HDPM6000CWE-639 8.8 High2025-01-17
CVE-2024-12703 Schneider Electric RemoteConnect and SCADAPack 代码问题漏洞 — RemoteConnect and SCADAPack x70 UtilitiesCWE-502 7.8 High2025-01-17
CVE-2024-12142 Schneider Electric Modicon M340 信息泄露漏洞 — Modicon M340 processors (part numbers BMXP34*)CWE-200 8.6 High2025-01-17
CVE-2024-12476 Schneider Electric Web Designer 代码问题漏洞 — Web Designer for BMXNOR0200HCWE-611 7.8 High2025-01-17
CVE-2024-12399 Schneider Electric Pro-face GP-Pro EX和Remote HMI 安全漏洞 — Pro-face GP-Pro EXCWE-924 7.1 High2025-01-17
CVE-2024-11425 Schneider Electric Modicon M580 安全漏洞 — Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety)CWE-131 7.5 High2025-01-17
CVE-2024-11139 Schneider Electric EcoStruxure Power Build Rapsody 缓冲区错误漏洞 — EcoStruxure™ Power Build RapsodyCWE-119 7.3 -2025-01-17
CVE-2024-11999 Schneider Electric多款产品 安全漏洞 — Harmony (Formerly Magelis) HMIST6, HMISTM6, HMIG3U, HMIG3X, HMISTO7 series with EcoStruxure Operator Terminal Expert runtimeCWE-1104 8.8 High2024-12-17
CVE-2024-11737 Schneider Electric Modicon Controllers 输入验证错误漏洞 — Modicon Controllers M241 / M251CWE-20 9.8 Critical2024-12-11
CVE-2024-10511 Schneider Electric PowerChute Serial Shutdown 授权问题漏洞 — PowerChute Serial ShutdownCWE-287 5.3 Medium2024-12-11
CVE-2024-10575 Schneider Electric EcoStruxure IT Gateway 安全漏洞 — EcoStruxure IT GatewayCWE-862 9.8 Critical2024-11-13
CVE-2024-9409 Schneider Electric多款产品 资源管理错误漏洞 — PowerLogic PM5320CWE-400 7.5 High2024-11-13
CVE-2024-8936 Schneider Electric 输入验证错误漏洞 — Modicon M340 CPU (part numbers BMXP34*)CWE-20 6.5 Medium2024-11-13
CVE-2024-8938 Schneider Electric Modicon M340 缓冲区错误漏洞 — Modicon M340 CPU (part numbers BMXP34*)CWE-119 8.1 High2024-11-13
CVE-2024-8937 Schneider Electric Modicon M340 缓冲区错误漏洞 — Modicon M340 CPU (part numbers BMXP34*)CWE-119 6.5 Medium2024-11-13
CVE-2024-8935 Schneider Electric Modicon M340 安全漏洞 — Modicon M340 CPU (part numbers BMXP34*)CWE-290 7.5 High2024-11-13
CVE-2024-8933 Schneider Electric Modicon M340 安全漏洞 — Modicon M340 CPU (part numbers BMXP34*)CWE-924 7.5 High2024-11-13
CVE-2024-8070 Schneider Electric EVlink Home Smart和Schneider Charge 安全漏洞 — EVlink Home SmartCWE-312 8.5 High2024-10-13
CVE-2024-8530 Schneider Electric Data Center Expert 访问控制错误漏洞 — Data Center ExpertCWE-306 5.9 Medium2024-10-11

This page lists every published CVE security advisory associated with Schneider Electric. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.