Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-2988 | 1 Schneider-electric | 2 Ecostruxure Machine Expert - Hvac, Somachine Hvac | 2023-02-07 | N/A | 7.5 HIGH |
A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC (Versions prior to V2.1.0), EcoStruxure Machine Expert – HVAC (Versions prior to V1.4.0) | |||||
CVE-2019-6826 | 1 Schneider-electric | 1 Somachine Hvac | 2022-02-03 | 6.8 MEDIUM | 7.8 HIGH |
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product. | |||||
CVE-2017-7965 | 1 Schneider-electric | 1 Somachine Hvac | 2022-01-31 | 4.6 MEDIUM | 7.3 HIGH |
A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller. |