Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Schneider-electric Subscribe
Filtered by product Ecostruxure Power Build - Rapsody
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-22697 1 Schneider-electric 1 Ecostruxure Power Build - Rapsody 2022-01-31 6.8 MEDIUM 7.8 HIGH
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.
CVE-2021-22698 1 Schneider-electric 1 Ecostruxure Power Build - Rapsody 2022-01-31 6.8 MEDIUM 7.8 HIGH
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.