ICSA-16-196-03
·
Published 2025-06-09
·
View on CISA ICS-CERT ↗
Schneider Electric SoMachine HVAC Unsafe ActiveX Control Vulnerability
CVSS 7.3
HIGH
CVEs (1)
Remediations
- Schneider Electric has released a patch that resolves the vulnerability. Schneider Electric’s patch is available at the following location: (http://www.schneider-electric.com/ww/en/download/document/SoMachine%20HVAC%20-%20Programming%20Software%20for%20Modicon%20M171-M172%20Logic%20Controllers)
- Schneider Electric’s security notice SEVD-2016-161-01 is available at the following location: (http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01)
Affected Vendors
Schneider Electric
Affected Products (1)
Schneider Electric
·
SoMachine HVAC-Application
<=2.0.2
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more