CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

schneider-electric

somachine_motion

3 known vulnerabilities · sorted by CVSS score

CVE-2020-7487

CRITICAL9.8

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.

schneider-electric / ecostruxure_machine_expert+6

Network

Published Apr 22, 2020

CVE-2020-7488

HIGH7.5

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.

schneider-electric / ecostruxure_machine_expert+6

Network

Published Apr 22, 2020

CVE-2020-28220

MEDIUM6.8

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified.

schneider-electric / modicon_m258_firmware+2

Adjacent

Published Dec 11, 2020