cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-2988,https://securityvulnerability.io/vulnerability/CVE-2022-2988,Out-of-bounds Write Vulnerability in EcoStruxure Machine Expert and SoMachine HVAC by Schneider Electric,"An out-of-bounds write vulnerability can be exploited when users access a malicious webpage through the commissioning software. This may lead to the leakage of sensitive information, posing a significant risk to the security of the system. Affected versions include SoMachine HVAC prior to V2.1.0 and EcoStruxure Machine Expert – HVAC prior to V1.4.0. It is crucial for users to update their software to mitigate these risks.",Schneider Electric,"Somachine Hvac,Ecostruxure Machine Expert – Hvac",4.3,MEDIUM,0.0014100000262260437,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0
CVE-2019-6826,https://securityvulnerability.io/vulnerability/CVE-2019-6826,Untrusted Search Path Vulnerability in SoMachine HVAC by Schneider Electric,"An untrusted search path vulnerability exists in SoMachine HVAC, allowing attackers to exploit the loading of malicious DLL libraries. This could lead to arbitrary code execution on the system running the affected software, potentially compromising the integrity and security of the entire environment. Users are urged to update to newer versions to mitigate this risk.",Schneider Electric,Somachine Hvac,7.8,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2019-09-17T19:57:55.000Z,0
CVE-2017-7966,https://securityvulnerability.io/vulnerability/CVE-2017-7966,,A DLL Hijacking vulnerability in the programming software in Schneider Electric's SoMachine HVAC v2.1.0 allows a remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to the improper loading of a DLL.,Schneider Electric,Somachine Hvac Programming Software,8.8,HIGH,0.006909999996423721,false,,false,false,false,,,false,false,,2017-06-07T19:00:00.000Z,0
CVE-2017-7965,https://securityvulnerability.io/vulnerability/CVE-2017-7965,,"A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller.",Schneider Electric,Somachine Hvac Programming Software,7.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2017-06-07T19:00:00.000Z,0
CVE-2016-4529,https://securityvulnerability.io/vulnerability/CVE-2016-4529,,"An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag.",Schneider Electric,Somachine Hvac Firmware,7.3,HIGH,0.2217700034379959,false,,false,false,false,,,false,false,,2016-07-15T16:00:00.000Z,0