schneider-electric

somachine_hvac

2 known vulnerabilities · sorted by CVSS score

CVE-2019-6826

A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.

schneider-electric / somachine_hvac

Local

Published Sep 17, 2019

CVE-2022-2988

MEDIUM4.3

A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC (Versions prior to V2.1.0), EcoStruxure Machine Expert – HVAC (Versions prior to V1.4.0)

schneider-electric / ecostruxure_machine_expert_-_hvac+1

Network

Published Jan 30, 2023