Schneider-Electric Somove vulnerabilities
3 known vulnerabilities affecting schneider-electric/somove.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2020-7527HIGHCVSS 7.8≤ 2.8.12020-08-31
CVE-2020-7527 [HIGH] CWE-276 CVE-2020-7527: Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) and prior which could cause ele
Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) and prior which could cause elevation of privilege and provide full access control to local system users to SoMove component and services when a SoMove installer script is launched.
nvd
CVE-2018-7239HIGHCVSS 7.8fixed in 2.6.22018-03-09
CVE-2018-7239 [HIGH] CWE-426 CVE-2018-7239: A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM soft
A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code.
nvd
CVE-2013-0662CRITICALCVSS 9.3PoC≤ 1.72014-04-01
CVE-2013-0662 [CRITICAL] CWE-787 CVE-2013-0662: Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
nvd