Global (English)

Welcome to the Schneider Electric corporate Website

ENGLISH | FRENCH

You can choose another country to view available products or go to our Global website for company information.

Choose your country or region

Date Product CVE Description Products and versions affected More information
Date Product CVE Description Products and versions affected More information
2017/03/02 VAMPSET CVE-2017-7967 Memory Corruption v2.2.189 and prior Security Notification – VAMPSET
2017/03/27 Wonderware InTouch Access Anywhere - Cross-Site Request Forgery, Information Exposure, Inadequate Encryption Strength v11.5.2 and prior LFSEC00000114
2017/05/26 Samba Vulnerability CVE-2017-7494 Remote code execution All versions after 3.5 Security Notification – Samba Vulnerability
2017/05/15 Customers running Windows OS CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148 WannaCry Ransomware Attack All versions Security Notification – WannaCry Ransomware Attack
2017/04/28 Wonderware Historian Client - XML Injection Vulnerability v2014 R2 SP1 and prior LFSEC00000120
2017/03/01 SCADA Expert ClearSCADA  - Denial of Service v2015 R2 and prior Security Notification – SCADA Expert ClearSCADA 
2016/12/27 PlantStruxure PES License Manager CVE-2015-8277 Buffer Overflow All versions Security Notification – PlantStruxure PES License Manager
2016/12/27 PlantStruxure PES Software - Arbitrary Code Execution All versions Security Notification – PlantStruxure PES Software
2016/10/28 Magelis HMI - Denial of Service and Loss of Communications Multiple products, see notification Security Notification - Magelis HMI
2016/10/26 Connexium Firewall - Buffer Overflow ConneXium Firewall, all versions Security Notification - Connexium Firewall
2016/10/14 Unity PRO Software - Remote Code Execution using Unity Simulator Unity PRO, all versions prior to V11.1 Security Notification - Unity Simulator
2016/09/27 PM800 ECC Power Meter - Unauthenticated Access PowerLogic PM8ECC, all firmware versions up to 2.651 Security Notification - PM800 ECC Power Meter
2016/06/10 SoMachine HVAC Programming Software - Remote Code Execution SoMachine HVAC Programming Software v2.0.2 Security Notification - SoMachine HVAC Programming Software
2016/06/01 Pelco Digital Sentry - Remote Code Execution Digital Sentry versions prior to 7.13 Security Notification - Pelco Digital Sentry
2016/03/14 Pro-Face GP-Pro EX CVE-2016-2292, CVE-2015-2291, CVE-2015-2290, CVE-2015-7921 Multiple Vulnerabilities GP-Pro EX, see disclosure Security Notification - Pro-Face GP-Pro EX
2016/03/12 SAGE RTU - Improper Ethernet Frame Padding SAGE RTU, see disclosure Security Notification - SAGE RTU
2016/02/29 MiCOM Px30 and Px40 Protective Relay - Integer Overflow MiCOM Px30 and Px40, all versions Security Notification - MiCOM Protection Relays
2016/02/17 ConneXium Managed Switch - Password synchronization issue See disclosure Security Notification - ConneXium
2016/02/04 ConneXium Lite Managed Switch - Unauthorized upload of firmware TCSESL043F23F0, and versions 01.01 and all previous versions Security Notification - ConneXium
2016/01/25 StruxureWare Building Operations - Weak Credentials and OS Command Injection Automation Server series (AS, AS-P), V1.7 and prior Security Notification - SBO Automation Server
2016/01/20 Altivar Drives - Modification of Drive Parameters See disclosure Altivar, Cyber security Information and Guidance (01/2016)
2016/01/11 MiCOM C264 - Integer Overflow See disclosure Security Notification - MiCOM C264
2015/12/10 M340 PLC - Buffer Overflow See disclosure Security Notification - GoAhead Web Server Vulnerability
2015/11/25 ProClima SW - Remote Code Execution ProClima, all versions prior to V6.2 Security Notification - ProClima Software
2015/09/11 Struxureware Building Expert CVE-2015-3962 Cleartext Data Transmission Struxureware Building Expert, prior to version 2.15 Security Notification - Struxureware Building Expert
2015/09/08 InduSoft Web Studio - Multiple vulnerabilities InduSoft Web Studio V7.1.3.6 and previous versions Security Notification - InduSoft Web Studio Vulnerabilities
2015/08/21 Modicon M340 PLC - Remote File Inclusion See disclosure Security Notification - Modicon PLC Web Servers
2015/07/30 DTM for IMT25 Magnetic Flow - Buffer Overflow IMT25 DTM V1.500.000 and previous Security Notification - DTM for IMT25 Magnetic Flow
2015/07/15 ConneXium Managed Switch - Authentication Bypass ConneXium Managed Switch, see disclosure Security Notification - ConneXium Managed Switches
2015/06/23 Wonderware InTouch, AppServer, Historian, SuiteLink - Binary Planting Wonderware System Platform 2014 R2 and earlier LFSEC00000106
2015/06/23 PowerChute Business Edition - Cross Site Scripting PCBE Agent V9.0.3 FA247020 
2015/06/11 SAGE RTU - TCP Sequence Number Predictability See disclosure Security Notification - SAGE RTU
2016/12/08 Data Center Expert Software - Storage of passwords 7.3.1.114, 7.2.4 and earlier versions Security Notification – Data Center Expert
2016/11/30 Power Monitoring Expert and PowerSCADA Expert Software CVE-2015-8277 Flexera License Manager Component Buffer Overflow See disclosure Security Notification – Power Monitoring Expert and PowerSCADA Expert
2016/11/29 Vijeo Citect, Citect SCADA, Vijeo Historian, and Citect Historian - Flexera License Manager Component Buffer Overflow See disclosure Security Notification – Vijeo Citect, Citect SCADA, Vijeo Historian, Citect Historian
2015/05/13 OPC Factory Server (OFS) - DLL Hijacking V3.5 and all previous versions Security Notification: OPC Factory Server (OFS)
2015/04/10 InduSoft Web Studio - Cleartext Project Window Password Storage 7.1.3.4 and all previous versions Security Notification - InduSoft Web Studio
2015/03/25 VAMPSET Software - Buffer Overflow 2.2.145 and all previous versions Security Notification - VAMPSET Software
2015/03/06 Pelco DS-NVs Video Management Software - Buffer Overflow 7.6.32 and all previous versions Security Notification - Pelco DS-NVs Video Management Software Vulnerability
2015/02/23 InduSoft Web Studio - Multiple Vulnerabilities 7.1.3.2 and all previous versions Security Notification - InduSoft Web Studio Vulnerabilities
2015/02/23 InTouch Machine Edition 2014 - Multiple Vulnerabilities 7.1.3.2 and all previous versions Security Notification - InTouch Machine Edition Vulnerability Disclosure
2015/02/20 DTM Software for SRD 960 and SRD 991 Control Valve Positioners - Stack Buffer Overflow 3.1.6 and all previous versions Vulnerability Disclosure for SRD960 and SRD991 Valve Positioner DTM
2015/01/09 SoMove, Unity, SoMachine - Insecure DLL in FDT1 DTM Setup See attached Security Notification - FDT V1.2 DTMs
2015/01/08 ETG 3000 FactoryCast Gateway - Multiple Vulnerabilities TSXETG3000 all versions TSXETG3010 all versions TSXETG3021 all versions TSXETG3022 all versions Vulnerability Disclosure - ETG3000 FactoryCast HMI Gateway
2017/01/11 HomeLYnk Controller - Cross-Site Scripting All versions prior to V1.50 Security Notification – homeLYnk Controller
2017/02/17 M340 Controller - Resource Exhaustion All versions prior to V2.9 Security Notification – M340 Controller 
2017/02/13 Wonderware Tableau Server - Privilege Escalation Tableau Server versions 7.0 to 10.1.3 LFSEC00000119
2017/02/17 M221/M241 Controller - Demonstration of exploit at RSA Conference All versions Security Notification – M221_M241 Controller
2017/02/21 HomeLYnk Controller - Command Injection v1.5.1 and prior Security Notification – HomeLYnk Controller
2017/02/21 Conext ComBox - Denial of Service v3.03 BN 830 and all firmware versions prior Security Notification – Conext ComBox
2017/03/06 Modicon PLC CVE-2017-6028 Improper session key implementation 171CBU98090 - All versions 171CBU98091 - All versions Security Notification – Modicon Family of PLCs
2017/03/17 IGSS Pelco Viewer - DLL hijacking v11 and prior Security Notification – IGSS Software
2017/03/16 Modicon - TCP Predictability M221/M241/M251 Security Notification – Modicon M221/M241/M251
2017/03/16 Modicon - Authentication Bypass (session cookie) M241/M251 Security Notification – Modicon M241/M251
2017/03/16 Modicon - Authentication Bypass (credentials) M241/M251 Security Notification – Modicon M241/M251
2017/03/24 PowerSCADA Expert Licensing Brick CVE-2016-6273 Denial of Service 171CBU98090 - All versions 171CBU98091 - All versions Security Notification – PowerSCADA Expert Licensing Brick
2017/03/24 PlantStruxure PES License Manager CVE-2016-6273 Denial of Service v11 and prior Security Notification – PlantStruxure PES License Manager
2017/03/24 Citect Floating License Manager - Denial of Service SCADA Expert Vijeo Citect / CitectSCADA- V7.30, 7.40, 7.50, 8.0 Vijeo Historian/Citect Historian –V4.40, 4.50, 4.60, Citect Anywhere Security Notification – Citect Floating License Manager
2017/03/31 IGSS Software - DLL Hijacking v12 and prior Security Notification – IGSS Software
2017/03/31 Wonderware InduSoft Web Studio - Privilege Escalation v8.0 Patch 3 and prior Security Notification – Wonderware InduSoft Web Studio
2017/04/07 SoMachine Basic CVE-2017-7574 Hardcoded Password-Fixed Key v1.5 and prior Security Notification – SoMachine Basic
2017/04/07 Modicon M221 / SoMachine Basic CVE-2017-7575 Weak Authentication/Authorization v1.5.0.1 of Modicon M221 firmware and prior and v1.5 of SoMachine versions and prior Security Notification – Modicon M221_SoMachine Basic
2017/05/05 SoMachine HVAC Programming Software - Buffer Overflow SoMachine HVAC v2.1.0 Programming Software for M171/M172 Controllers Security Notification – SoMachine HVAC Programming Software
2017/05/05 SoMachine HVAC Programming Software - DLL Hijacking SoMachine HVAC v2.1.0 Programming Software for M171/M172 Controllers Security Notification – SoMachine HVAC Programming Software
2017/06/20 Citect Anywhere - Cross site request forgery, outdated cipher suites, arbritrary server target nodes, escaping Citect app v1.0 Security Notification – Citect Anywhere
2017/06/15 Crash Override/Industroyer - Malware Module Customers leveraging IEC870-5-101, IEC870-5- 104, IEC61850, and OPC DA Protocols Security Notification – Crash Override
2017/06/22 PowerSCADA Anywhere CVE-2017-7969, CVE-2017-7970, CVE-2017-7971, CVE-2017-7972 Cross site request forgery, outdated cipher suites, arbritrary server target nodes, escaping application Version 1.0 of PowerSCADA Anywhere redistributed with PowerSCADA Expert v8.1 and v8.2 Security Notification – PowerSCADA Anywhere
2017/06/27 U.motion Builder Software CVE-2017-7973, CVE-2017-7974, CVE-2017-9956, CVE-2017-9957, CVE-2017-9958, CVE-2017-9959, CVE-2017-9960 SQL injection, Path Traversal, Authentication Bypass, Hard-Coded Password, Improper Access Control, Denial of Service, Information Disclosure v1.2.1 and prior Security Notification – U.motion Builder Software
2017/06/28 Petya - Ransomware attacks Customers who have not applied MS17-010 patch Security Notification – Petya Ransomware
2017/06/30 Wonderware ArchestrA Logger - Stack-based buffer overflow, uncontrolled resource consumption, null pointer dereference v2017.426.2307.1 and prior LFSEC00000116
2017/06/30 Ampla MES - Cleartext Storage of Sensitive Information, Use of Password Hash with Insufficient Computational Effort v6.4 and prior LFSEC00000118
2017/07/14 Pro-face GP-Pro EX CVE-2017-9961 Arbitrary code execution Version 4.07.000 Security Notification – Pro-face GP-Pro EX
2017/07/18 Trio TView Software 100+ Java Runtime Environment vulnerabilities v3.27.0 and prior Security Notification – Trio TView Software
2017/08/24 PowerSCADA Expert CVE-2017-9629, CVE-2017-9627, CVE-2017-9631 Remote Code Execution, Memory Leaks, Null Pointer Dereferences Wonderware ArchestrA Logger component used within the PowerSCADA Expert v8.2 product Security Notification – PowerSCADA Expert
2017/09/15 Indusoft Web Studio - Remote Arbitrary Command Execution InduSoft Web Studio v8.0 SP2 and prior LFSEC00000121
2017/09/21 ClearSCADA CVE-2017-9962 Memory Allocation ClearSCADA 2017, 2015 R2, 2015 R1.1, 2015 R1 and all prior versions Security Notification – ClearSCADA
2017/11/07 EcoStruxure Power Monitoring Expert, EcoStruxure Building Operation & StruxureWare PowerSCADA Expert CVE-2017-11357 cryptographic weakness in Telerik component EcoStruxure Power Monitoring Expert 8.2, 8.1, 8.0, 7.2.x, EcoStruxure Building Operation - Energy Expert, & StruxureWare PowerSCADA Expert versions 8.0, 8.1, 8.2, when using Advanced Reporting & Dashboards Module ONLY Security Notification – EcoStruxure Power Monitoring Expert, EcoStruxure Building Operation & StruxureWare PowerSCADA Expert
2017/11/09 InduSoft Web Studio & InTouch Machine Edition - Remote Code Execution InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions InTouch Machine Edition v8.0 SP2 Patch 1 and prior versions LFSEC00000124
2017/12/05 Pelco VideoXpert Enterprise CVE-2017-9964, CVE-2017-9965, CVE-2017-9966 Security Bypass, Exposure of Sensitive Information, Privilege Escalation All versions prior to v2.1 Security Notification – Pelco VideoXpert Enterprise
2017/12/07 EcoStruxure Substation Operation User Interface CVE-2017-3635, CVE-2017-3636, CVE-2017-3641, CVE-2017-3651, CVE-2017-3652 Vulnerabilities in MySQL Server MySQL Server version 5.5.56 and earlier impacting EcoStruxure Substation Operation User Interface (formerly EcoSUI) version 2.1.17279 and earlier. Security Notification – EcoStruxure Substation Operation User Interface
2017/12/13 Triconex - Malware Discovered Affecting Triconex Safety Controllers All versions Security Notification - Malware Discovered Affecting Triconex Safety Controllers
2014/12/19 Wonderware InTouch Access Anywhere Server - Stack-based Buffer Overflow See attached LFSEC00000104 
2014/12/12 APC Products CVE-2014-3566 POODLE SSL V3 Vulnerability Multiple Products FA236744 
2014/12/10 ProClima Software CVE-2014- 8513, CVE-2014-8514, CVE-2014-9188, CVE2014-8511, CVE-2014-8512 ActiveX Control Vulnerability ProClima V6.0.1 and previous SEVD-2014-344-01
2014/10/30 APC Products CVE-2014-6271,CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278 Shellshock - Bash Utility Vulnerability Multiple Products FA234833 
2014/09/16 Modicon PLC Ethernet Comm Modules - Authentication Bypass on Web Server Many products affected - see disclosure for more details SEVD-2014-260-01
2014/09/04 VAMPSET Software - Software halt VAMPSET V2.2.136 and previous SEVD-2014-247-01
2014/08/29 SCADA Expert ClearSCADA - Weak Self-signed Certificate SCADA Expert ClearSCADA, all versions prior to September 2014 (see disclosure for details) SEVD-2014-241-01
2014/08/29 SCADA Expert ClearSCADA - Multiple Vulnerabilities SCADA Expert ClearSCADA, all versions prior to September 2014 (see disclosure for details) SEVD 2014-241-01A
2014/08/15 Wonderware Information Server - Multiple Vulnerabilities Wonderware Information Server, V5.5 and all versions prior (see disclosure for details) LFSEC00000102 
2014/03/25 OPC Factory Server - Buffer Overflow OFS v3.5 and previous SEVD 2014-084-01
2014/01/31 OPC Factory Server - Buffer Overflow in C++ Sample Code OPC Factory Server V3.35 and previous SEVD 2014-031-01
2014/01/24 SCADA Expert Vijeo Citect - Unhandled Exception StruxureWare SCADA Expert Vijeo Citect v7.40 SEVD 2014-024-02
2014/01/24 Vijeo Citect - Unhandled Exception Vijeo Citect v7.20 to v7.30SP1 SEVD 2014-024-02
2014/01/24 CitectSCADA - Unhandled Exception CitectSCADA v7.20 to v7.30SP1 SEVD 2014-024-02
2014/01/24 PowerSCADA Expert - Unhandled Exception StruxureWare PowerSCADA Expert v7.30 to v7.30SR1 SEVD 2014-024-02
2014/01/24 PowerLogic SCADA - Unhandled Exception PowerLogic SCADA v7.20 to v7.20SR1 SEVD 2014-024-02
2014/01/24 SCADA Expert ClearSCADA - File Parsing ClearSCADA 2010 R3.1 or previous SEVD 2014-024-01
2014/01/24 SCADA Expert ClearSCADA - File Parsing SCADA Expert ClearSCADA R2 or previous SEVD 2014-024-01
2014/01/15 Floating License Manager - Unquoted Service Path Versions 1.0.0 to 1.4.0 SEVD 2014-015-01
2013/12/30 Sage 3030 RTU - Improper DNP3 Input Validation SAGE 3030 C3413-500-001D3_P4 SEVD 2013-364-01
2013/12/30 Sage 3030 RTU - Improper DNP3 Input Validation SAGE 3030 C3413-500-001F0_PB SEVD 2013-364-01
2013/12/18 Accutech Manager Configuration Software - SQL Injection All versions prior to 2.00.4 SEVD 2013-352-01
2013/12/11 SCADAPack 33x, 35x - VxWorks Debug Port SCADAPack 33x V1.71 or previous SEVD 2013-345-01
2013/12/11 SCADAPack 33x, 35x - VxWorks Debug Port SCADAPack 35x V1.71 or previous SEVD 2013-345-01
2013/12/10 SUI Software - Buffer Overflow SUI V1.1 RC6 SEVD 2013-344-01
2013/12/10 SUI Software - Buffer Overflow SUI V1.1 RC7 SEVD 2013-344-01 
2013/12/05 SCADA Expert ClearSCADA Software - DNP3 Driver Fuzzing Vulnerability ClearSCADA 2010 - see disclosure SEVD 2013-339-01
2013/12/05 SCADA Expert ClearSCADA Software - DNP3 Driver Fuzzing Vulnerability SCADA Expert ClearSCADA 2013 - see disclosure SEVD 2013-339-01
2013/09/13 StruxureWare SCADA - Incorrect Handling of Web Requests SCADA Expert ClearSCADA 2013 R1 SEVD 2013-213-01
2013/09/13 Expert ClearSCADA Software - Incorrect Handling of Web Requests SCADA Expert ClearSCADA 2013 R1.1 SEVD 2013-213-01
2013/09/13 Expert ClearSCADA Software - Incorrect Handling of Web Requests SCADA Expert ClearSCADA 2013 R1.1a SEVD 2013-213-01
2013/08/23 OPC Factory Server (OFS) - XML External Entity OFS v3.40 and all previous versions SEVD 2013-235-01
2013/08/08 Trio Radio - AES Encryption Key Generation Trio J Series License Free Ethernet Radio V3.6.0, V3.6.1, V3.6.2 and V3.6.3 SEVD 2013-143-01
2013/07/31 Many - see disclosure - Default Passwords Many - see disclosure SEVD 2013-212-01
2013/07/16 Vijeo Citect - XML External Entity Vijeo Citect v7.2 and previous SEVD 2013-197-01
2013/07/16 Citect SCADA - XML External Entity Citect SCADA v7.2 and previous SEVD 2013-197-01
2013/07/16 Power Logic SCADA - XML External Entity PowerLogic SCADA v7.2 and previous SEVD 2013-197-01
2013/06/06 See disclosure - Microsoft Common Controls See disclosure SEVD 2013-157-01
2013/04/11 Citect SCADA - Buffer Overflow affecting Mitsubishi MX Component v3 Trial provided on Distribution Disk Citect SCADA v7.0 SEVD 2013-101-01
2013/04/11 Citect Facilities - Buffer Overflow affecting Mitsubishi MX Component v3 Trial provided on Distribution Disk Citect Facilities v7.1 SEVD 2013-101-01
2013/04/08 MiCOM S1 Studio Software - Read/Write access to executables in the Program Files directory MiCOM S1 Studio Software, all versions SEVD 2013-087-01
2013/03/11 Modbus Serial Driver - Buffer Overflow TwidoSuite SEVD 2013-070-01
2013/03/11 Modbus Serial Driver - Buffer Overflow PowerSuite SEVD 2013-070-01
2013/03/11 Modbus Serial Driver - Buffer Overflow SoMove SEVD 2013-070-01
2013/03/11 Modbus Serial Driver - Buffer Overflow SoMachine SEVD 2013-070-01
2013/03/11 Modbus Serial Driver - Buffer Overflow Unity Pro SEVD 2013-070-01
2013/03/11 Modbus Serial Driver - Buffer Overflow Unity Loader SEVD 2013-070-01
2013/03/11 Modbus Serial Driver - Buffer Overflow OFS SEVD 2013-070-01
2013/03/11 Modbus Serial Driver - Buffer Overflow PL7 SEVD 2013-070-01
2013/03/11 Modbus Serial Driver - Buffer Overflow Concept SEVD 2013-070-01
2013/02/25 TAC I/A G3 Series SW - Directory Traversal TAC I/A G3 ver. 3.5 and 3.6 SEVD 2013-056-01
2013/01/23 Quantum, Premium, - Multiple vulnerabilities See attached SEVD 2013-023-01
2013/01/23 M340 PLC Communication Modules - Multiple vulnerabilities See attached SEVD 2013-023-01
2013/01/21 Accutech Manager Software Tool - Heap Overflow Accutech Manager SW v2.00.1 and older SEVD 2013-021-01 
2013/01/17 PacDrive M, LMC 10/20, - Unauthorized Access to User Functions See attached SEVD 2013-017-01 
2013/01/17 LC3, BLM3, BLS, TLM, TLC, TLCC, ATV-CI, SMC, - Unauthorized Access to User Functions See attached SEVD 2013-017-01 
2013/01/17 Altivar ATV-IC - Unauthorized Access to User Functions See attached SEVD 2013-017-01 
2013/01/10 IGSS - Buffer Overflow IGSS V9 IGSS v9 Program Update (zip, 25Mb)
2013/01/10 IGSS - Buffer Overflow IGSS V10 IGSS V10 Program Update (zip, 11Mb)
2013/01/09 Schneider Electric Software Update (SESU) Utility - Non-signed client/server communication IDS SEVD 2013-009-01
2013/01/09 Schneider Electric Software Update (SESU) Utility - Non-signed client/server communication PowerSuite SEVD 2013-009-01
2013/01/09 Schneider Electric Software Update (SESU) Utility - Non-signed client/server communication Smart Widget SEVD 2013-009-01
2013/01/09 Schneider Electric Software Update (SESU) Utility - Non-signed client/server communication SoMachine SEVD 2013-009-01
2013/01/09 Schneider Electric Software Update (SESU) Utility - Non-signed client/server communication Spacial.pro SEVD 2013-009-01
2013/01/09 Schneider Electric Software Update (SESU) Utility - Non-signed client/server communication Unity Pro SEVD 2013-009-01
2013/01/09 Schneider Electric Software Update (SESU) Utility - Non-signed client/server communication Vijeo Designer SEVD 2013-009-01
2013/01/09 Schneider Electric Software Update (SESU) Utility - Non-signed client/server communication Web Gate Client Files SEVD 2013-009-01
2012/12/06 EzyLog Monitor - Multiple Vulnerabilities EzyLog Monitor, P/N PVSNVLOG all versions SEVD-2012-289-01A
2012/09/17 NMC Device IP Wizard CVE-2012-4681 Java Vulnerability NMC Device IP Wizard (Java Ver 7) FA162073 (pdf file, 152Kb)
2012/09/17 Netbotz Advanced View CVE-2012-4681 Java Vulnerability Netbotz Advanced View (Java Ver 6) FA162073 (pdf file, 152Kb)
2012/09/17 PowerChute Network Shutdown CVE-2012-4681 Java Vulnerability PowerChute Network Shutdown (Java Ver 6) FA162073 (pdf file, 152Kb)
2012/09/17 PowerChute Business Edition CVE-2012-4681 Java Vulnerability PowerChute Business Edition (Java Ver 6) FA162073 (pdf file, 152Kb)
2012/09/17 StruxureWare Data Center Expert CVE-2012-4681 Java Vulnerability StruxureWare Data Center Expert (Java Ver 6) FA162073 (pdf file, 152Kb)
2012/09/17 StruxureWare Operations CVE-2012-4681 Java Vulnerability StruxureWare Operations (Java Ver 6) FA162073 (pdf file, 152Kb)
2012/08/17 TAC I/A Series G3 Software - Multiple vulnerabilities All current versions of TAC I/A Series G3 Software TAC I/A Series G3 Software
2012/02/17 AQUIS - DLL Hijacking AQUIS V1.5 and any previous version AQUIS Patch (exe file, 163Mb)
2012/02/17 TERMIS - DLL Hijacking TERMIS V2.10 and any previous version TERMIS Patch (exe file, 175Mb)
2012/02/16 Quantum PLC - Metasploit tools to exploit HTTP user/PW information All RES207443 
2012/01/16 IGSS - IGSS DLL Hijacking All versions prior to V9.0.0.11291 IGSS Program Updates
2012/01/12 Quantum PLC - Multiple vulnerabilities See Resolution 206895 RES206895 
2012/01/12 Premium PLC - Multiple vulnerabilities See Resolution 206895 RES206895 
2012/01/12 M340 PLC - Multiple vulnerabilities See Resolution 206895 RES206895 
2012/01/12 Advantys STB DIO - Multiple vulnerabilities See Resolution 206895 RES206895 
2012/01/12 Quantum PLC - Multiple vulnerabilities See Resolutions and 297906 RES207378 and RES297906
2012/01/12 Premium PLC - Multiple vulnerabilities See Resolutions 207378 RES207378
2011/12/21 IGSS - IGSS Buffer Overflow v9.0.0.11355 and previous IGSS Program Updates
2011/12/20 IGSS Data Server - Denial of Service and Buffer Overflow v9.0.0.11200 and previous IGSS Program Updates
2011/12/12 ION Power Meters and ION Setup SW - Remote factory-level access ION 7500/7600/8300/ ION Meter Information
2011/12/12 ION Power Meters and ION Setup SW - Remote factory-level access 8400/8500 all versions ION 7550 Patch
2011/12/12 ION Power Meters and ION Setup SW - Remote factory-level access - ION 7650 Patch
2011/12/12 ION Power Meters and ION Setup SW - Remote factory-level access ION 7550/7650 prior to v371 ION 8600 Patch
2011/12/12 ION Power Meters and ION Setup SW - Remote factory-level access ION 8600 prior to v335 ION 8650 Patch
2011/12/12 ION Power Meters and ION Setup SW - Remote factory-level access ION 8650 prior to v403 ION 8800 Patch
2011/12/12 ION Power Meters and ION Setup SW - Remote factory-level access ION 8800 prior to v340 ION Setup SW
2011/12/12 ION Power Meters and ION Setup SW - Remote factory-level access ION Setup SW prior to v3.0 ION Setup SW
2011/12/11 IGSS and Safenet Sentinel HASP - Input sanitization HASP SDK prior to v5.11, HASP run-time prior to v6.x, IGSS V7 Sentinel updates 
2011/12/07 PowerChute - Cross-site Scripting (XSS) PowerChute Business Edition (prior to v8.5) PowerChute Information
2011/11/28 Vijeo Historian - Web Server multiple vulnerabilities Vijeo Historian v4.3 and previous Citect Information and Patch 
2011/11/28 Citect Historian - Web Server multiple vulnerabilities Citect Historian v4.3 and previous Citect Information and Patch 
2011/11/28 Citect SCADA Reports - Web Server multiple vulnerabilities Citect SCADA Reports v4.1 and previous Citect Information and Patch 
2011/11/08 Citect SCADA and Mitsubishi MX4 SCADA Batch Server - Buffer overflow CitectSCADA V7.10 and prior using the CitectSCADA Batch Server module Citect Information 
2011/11/08 Citect SCADA and Mitsubishi MX4 SCADA Batch Server - Buffer overflow Mitsubishi MX4 SCADA V7.10 and prior using the MX4 SCADA Batch module Citect Information 
2011/10/20 Unity Pro - Unitelway Device Driver Buffer Overflow Unity Pro v6 and previous OFS Information and Patch 
2011/10/20 OPC Factory Server - Unitelway Device Driver Buffer Overflow OPC Factory Server v3.34 and previous OFS Information and Patch 
2011/10/20 Vijeo Citect - Unitelway Device Driver Buffer Overflow Vijeo Citect v7.2 and previous OFS Information and Patch 
2011/10/20 Telemecanique Driver Pack Monitor Pro - Unitelway Device Driver Buffer Overflow Telemecanique Driver Pack v2.6 and previous OFS Information and Patch 
2011/10/20 PL7 Pro - Unitelway Device Driver Buffer Overflow Monitor Pro v7.6 and previous OFS Information and Patch 
2011/10/20 PL7 Pro - Unitelway Device Driver Buffer Overflow PL7 Pro v4.5 and previous OFS Information and Patch 
2011/08/25 ClearSCADA, SCX6 - Remote Authentication Bypass ClearSCADA 2010 R1.0, ClearSCADA 2009, ClearSCADA 2007, ClearSCADA 2005, SCX Version 6.69 R1 and earlier, SCX Version 6.68 and earlier, SCX Version 6.67 and earlier ClearSCADA Information and Patch 
2011/07/08 IGSS - ODBC Remote Memory Corruption IGSS prior to ver 9.11143 IGSS v9 Program Updates
2011/06/06 IGSS - IGSS Denial of Service IGSS Prior to v7.10033 IGSS v7 Program Updates
2011/06/06 IGSS - IGSS Denial of Service IGSS Prior to v8.11102 IGSS v8 Program Updates
2011/06/06 IGSS - IGSS Denial of Service IGSS Prior to v9.11143 IGSS v9 Program Updates
2011/05/06 IGSS - Multiple vulnerabilities IGSS Prior to ver 9.0.0.11083 IGSS v9 Program Updates
2011/04/29 IGSS - Remote stack overflow IGSS ver. 9 and all previous versions IGSS Program Updates 
2011/03/21 IGSS - Multiple vulnerabilities IGSS ver 9.00.00.1 and previous IGSS Program Updates 
2011/02/16 ClearSCADA - Multiple Vulnerabilities ClearSCADA 2005 (all versions), ClearSCADA 2007 (all versions), ClearSCADA 2009 (all versions) ClearSCADA Information and Patch 
2011/02/08 IGSS - ODBC Server Remote Heap Corruption IGSS vers. 8 & 9 IGSS Program Updates 
Nos conseillers sont disponibles pour répondre à vos questions de 8h00 à 18h00 du lundi au vendredi toute l'année.