Schneider Electric Ecostruxure Machine Expert
By the Year
In 2024 there have been 0 vulnerabilities in Schneider Electric Ecostruxure Machine Expert . Ecostruxure Machine Expert did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 3 | 9.03 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Ecostruxure Machine Expert vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Schneider Electric Ecostruxure Machine Expert Security Vulnerabilities
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert Basic or SoMachine Basic programming software (versions in security notification)
CVE-2020-7489
9.8 - Critical
- April 22, 2020
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.
Injection
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists
CVE-2020-7488
7.5 - High
- April 22, 2020
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.
Cleartext Transmission of Sensitive Information
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could
CVE-2020-7487
9.8 - Critical
- April 22, 2020
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.
Insufficient Verification of Data Authenticity
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Schneider Electric Somachine Motion or by Schneider Electric? Click the Watch button to subscribe.
