Browse all 25 CVE security advisories affecting Socomec. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SOCOMEC specializes in power management and electrical distribution solutions, primarily serving industrial, commercial, and residential sectors with uninterruptible power supplies (UPS) and energy monitoring systems. Security audits reveal a concerning history of twenty-five recorded Common Vulnerabilities and Exposures (CVEs), indicating persistent weaknesses in their product lifecycle. The most prevalent vulnerability classes involve remote code execution (RCE) and cross-site scripting (XSS), often stemming from insufficient input validation in web-based management interfaces. Additionally, several instances of privilege escalation have been documented, allowing unauthorized users to gain administrative control over critical infrastructure components. These flaws frequently reside in the embedded web servers and communication protocols used for device configuration. While no single catastrophic public breach has been widely reported, the accumulation of these CVEs suggests systemic issues in secure coding practices. Organizations deploying SOCOMEC equipment must prioritize network segmentation and regular firmware updates to mitigate the risk of exploitation within their operational technology environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-4601 | Improper Authentication vulnerability in Socomec Net Vision — Net visionCWE-287 | 6.7 | Medium | 2024-05-07 |
| CVE-2024-4600 | Cross-Site Request Forgery vulnerability in Socomec Net Vision — Net visionCWE-352 | 7.1 | High | 2024-05-07 |
This page lists every published CVE security advisory associated with Socomec. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.