cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-7489,https://securityvulnerability.io/vulnerability/CVE-2020-7489,Injection Vulnerability in EcoStruxure Machine Expert and SoMachine Basic Software by Schneider Electric,"A vulnerability exists in EcoStruxure Machine Expert and SoMachine Basic programming software due to improper handling of special output elements. This flaw could allow an attacker to perform DLL substitution, enabling the transfer of malicious code to the controller. This risk emphasizes the importance of ensuring safe coding practices and robust security measures within software implementations.",Schneider Electric,Somachine Basic (all Versions)ecostruxure Machine Expert – Basic (all Versions)modicon M100 Logic Controller (all Versions)modicon M200 Logic Controller (all Versions)modicon M221 Logic Controller (all Versions),9.8,CRITICAL,0.0025500000920146704,false,,false,false,false,,,false,false,,2020-04-22T18:15:57.000Z,0
CVE-2018-7823,https://securityvulnerability.io/vulnerability/CVE-2018-7823,Remote Launch Vulnerability in SoMachine Basic and Modicon M221 by Schneider Electric,"An Environment vulnerability identified in SoMachine Basic allows attackers to remotely launch the application by sending specially crafted Ethernet messages. This affects all versions of SoMachine Basic, as well as Modicon M221 devices with firmware versions prior to V1.10.0.0, potentially exposing critical systems to exploitation.",Schneider Electric,"Somachine Basic And Modicon M221, Somachine Basic, All Versions Modicon M221, All References, All Versions Prior To Firmware V1.10.0.0",5.3,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2019-05-22T19:37:45.000Z,0
CVE-2018-7822,https://securityvulnerability.io/vulnerability/CVE-2018-7822,Incorrect Default Permissions Vulnerability in SoMachine Basic by Schneider Electric,"An incorrect default permissions vulnerability exists in SoMachine Basic and Modicon M221, allowing unauthorized access to sensitive resource files on systems utilizing SoMachine Basic. This issue may expose crucial configuration and operational data, creating potential security risks for users who do not update their systems or apply the appropriate security measures.",Schneider Electric,"Somachine Basic And Modicon M221, Somachine Basic, All Versions Modicon M221, All References, All Versions Prior To Firmware V1.10.0.0",5.5,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2019-05-22T19:37:16.000Z,0
CVE-2018-7821,https://securityvulnerability.io/vulnerability/CVE-2018-7821,Environment Vulnerability in SoMachine Basic and Modicon M221 by Schneider Electric,"An environment vulnerability exists in SoMachine Basic and Modicon M221, which can lead to significant cycle time degradation. When the Ethernet/IP adapter is activated, excessive flooding of the M221's Ethernet interface can disrupt normal operations, potentially impacting system performance and efficiency. Users should ensure firmware is updated to version V1.10.0.0 or higher to mitigate this issue.",Schneider Electric,"Somachine Basic And Modicon M221, Somachine Basic, All Versions Modicon M221, All References, All Versions Prior To Firmware V1.10.0.0",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2019-05-22T19:36:47.000Z,0
CVE-2018-7783,https://securityvulnerability.io/vulnerability/CVE-2018-7783,,Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band (OOB) attack. The vulnerability is triggered when input passed to the xml parser is not sanitized while parsing the xml project/template file.,Schneider Electric,Somachine Basic,7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2018-07-03T14:29:00.000Z,0