Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe

Filtered by product Scadapack 7x Remote Connect

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-7528	1 Schneider-electric	1 Scadapack 7x Remote Connect	2020-09-21	6.8 MEDIUM	7.8 HIGH
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer.
CVE-2020-7530	1 Schneider-electric	1 Scadapack 7x Remote Connect	2020-09-21	6.5 MEDIUM	8.8 HIGH
A CWE-285 Improper Authorization vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows improper access to executable code folders.
CVE-2020-7531	1 Schneider-electric	1 Scadapack 7x Remote Connect	2020-09-21	6.8 MEDIUM	7.8 HIGH
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user.