Schneider Electric ICS Security Advisories
145 CISA ICS-CERT advisories published for Schneider Electric industrial control system products. Data updated every 2 hours.
32
Critical
64
High
47
Medium
2
Low
| Severity | CVSS | Advisory | Products | Published |
|---|---|---|---|---|
| HIGH | 7.8 |
Schneider Electric EcoStruxure (Update D)
ICSA-25-037-02 · 1 CVE
|
EcoStruxure™ Control Expert,
EcoStruxure™ Process Expert,
EcoStruxure™ OPC UA Server Expert
+23 more
|
2026-04-02 |
| MEDIUM | 6.5 |
Schneider Electric EcoStruxure Foxboro DCS
ICSA-26-083-02 · 1 CVE
|
EcoStruxure Foxboro DCS,
EcoStruxure Foxboro DCS
|
2026-03-24 |
| CRITICAL | 10.0 |
"Schneider Electric Plant iT/Brewmaxx"
ICSA-26-083-03 · 4 CVEs
|
Plant iT/Brewmaxx
|
2026-03-24 |
| MEDIUM | 5.3 |
Schneider Electric Modicon M241, M251, and M262
ICSA-26-078-01 · 1 CVE
|
Modicon M241,
Modicon M251,
Modicon M262
+3 more
|
2026-03-19 |
| MEDIUM | 5.4 |
Schneider Electric Modicon Controllers M241, M251, M258, and LMC058
ICSA-26-078-02 · 1 CVE
|
Modicon Controller M241 Firmware,
Modicon Controller M241 Firmware,
Modicon Controller M251
+3 more
|
2026-03-19 |
| HIGH | 8.2 |
Schneider Electric EcoStruxure Automation Expert
ICSA-26-078-03 · 1 CVE
|
EcoStruxure™ Automation Expert,
EcoStruxure™ Automation Expert
|
2026-03-19 |
| HIGH | 7.8 |
Schneider Electric EcoStruxure PME and EPO
ICSA-26-078-04 · 1 CVE
|
EcoStruxure Power Monitoring Expert (PME) 2022,
EcoStruxure Power Monitoring Expert (PME),
EcoStruxure Power Monitoring Expert (PME)
+6 more
|
2026-03-19 |
| HIGH | 7.8 |
Schneider Electric EcoStruxure Power Build Rapsody (Update A)
ICSA-26-015-10 · 2 CVEs
|
EcoStruxure Power Build Rapsody software,
EcoStruxure Power Build Rapsody software,
EcoStruxure Power Build Rapsody software
+18 more
|
2026-03-17 |
| CRITICAL | 9.8 |
Schneider Electric SCADAPack and RemoteConnect
ICSA-26-076-02 · 1 CVE
|
SCADAPack™,
SCADAPack™,
SCADAPack™
+8 more
|
2026-03-17 |
| HIGH | 7.2 |
Schneider Electric EcoStruxure Data Center Expert
ICSA-26-076-03 · 1 CVE
|
EcoStruxure IT Data Center Expert,
EcoStruxure IT Data Center Expert
|
2026-03-17 |
| HIGH | 8.8 |
Schneider Electric EcoStruxure Power Operation (Update A)
ICSA-25-203-04 · 6 CVEs
|
EcoStruxure Power Operation (EPO) 2022,
EcoStruxure Power Operation (EPO) 2024
|
2026-02-25 |
| HIGH | 7.3 |
Schneider Electric EcoStruxure Building Operation Workstation
ICSA-26-055-02 · 2 CVEs
|
EcoStruxure Building Operation Workstation,
EcoStruxure Building Operation Workstation,
EcoStruxure Building Operation Workstation
+13 more
|
2026-02-24 |
| MEDIUM | 5.5 |
Schneider Electric Uni-Telway Driver (Update C)
ICSA-25-070-01 · 1 CVE
|
Uni-Telway driver,
EcoStruxure™ Control Expert,
EcoStruxure™ Control Expert
+5 more
|
2026-02-24 |
| MEDIUM | 6.5 |
Schneider Electric EcoStruxure Foxboro DCS (Update A)
ICSA-26-020-01 · 1 CVE
|
|
2026-02-24 |
| CRITICAL | 9.8 |
Schneider Electric Wiser Home Controller WHC-5918A
ICSA-25-112-03 · 1 CVE
|
Wiser Home Controller WHC-5918A
|
2026-01-30 |
| HIGH | 7.8 |
Schneider Electric RemoteConnect and SCADAPack x70 Utilities (Update A)
ICSA-25-028-06 · 1 CVE
|
RemoteConnect and SCADAPack™ x70 Utilities - RemoteConnect,
RemoteConnect and SCADAPack™ x70 Utilities - Security Administrator,
RemoteConnect configuration software
|
2026-01-29 |
| MEDIUM | 6.5 |
Schneider Electric Zigbee Products
ICSA-26-027-03 · 5 CVEs
|
Wiser iTRV2,
Wiser iTRV3,
Wiser RTR2
+31 more
|
2026-01-27 |
| HIGH | 7.3 |
Schneider Electric
ICSA-26-022-01 · 1 CVE
|
EcoStruxure™ Process Expert,
EcoStruxure™ Process Expert ,
EcoStruxure™ Process Expert
|
2026-01-22 |
| HIGH | 8.1 |
Schneider Electric Modicon M340, MC80, and Momentum Unity M1E (Update B)
ICSA-24-326-04 · 3 CVEs
|
Modicon M340 CPU Firmware,
Modicon M340 CPU Firmware,
Modicon MC80 Firmware
+3 more
|
2026-01-20 |
| HIGH | 8.8 |
Schneider Electric devices using CODESYS Runtime
ICSA-26-020-02 · 37 CVEs
|
HMISCU Controller,
Modicon Controller LMC078,
Modicon Controller M241
+24 more
|
2026-01-20 |
| CRITICAL | 9.8 |
Schneider Electric EcoStruxure Foxboro DCS Advisor
ICSA-25-352-02 · 1 CVE
|
|
2025-12-18 |
| HIGH | 8.8 |
Schneider Electric EcoStruxure Power Monitoring Expert
ICSA-25-224-03 · 5 CVEs
|
EcoStruxure Power Monitoring Expert (PME),
EcoStruxure Power Monitoring Expert (PME),
EcoStruxure Power Monitoring Expert (PME)
+7 more
|
2025-11-11 |
| HIGH | 8.4 |
Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio
ICSA-25-322-01 · 1 CVE
|
EcoStruxure Machine SCADA Expert,
EcoStruxure Machine SCADA Expert,
BLUE Open Studio
+1 more
|
2025-11-11 |
| HIGH | 7.8 |
Schneider Electric PowerChute Serial Shutdown
ICSA-25-322-04 · 3 CVEs
|
PowerChute™ Serial Shutdown,
PowerChute™ Serial Shutdown
|
2025-11-11 |
| MEDIUM | 5.4 |
Schneider Electric Modicon Controllers (Update A)
ICSA-24-354-07 · 1 CVE
|
Schneider Electric Modicon Controllers M258 / LMC058,
Schneider Electric Modicon Controllers M262,
Schneider Electric Modicon Controllers M251
+1 more
|
2025-10-21 |
| CRITICAL | 9.8 |
Schneider Electric Modicon
ICSA-24-352-04 · 1 CVE
|
Modicon Controllers M241,
Modicon Controllers M251,
Modicon Controllers M258
+5 more
|
2025-10-14 |
| HIGH | 7.5 |
Schneider Electric Modicon Controllers (Update B)
ICSA-25-140-08 · 1 CVE
|
Modicon Controllers M241,
Modicon Controllers M241,
Modicon Controllers M251
+7 more
|
2025-10-14 |
| MEDIUM | 6.1 |
Schneider Electric Altivar products ATVdPAC module ILC992 InterLink Converter (Update A)
ICSA-25-259-01 · 1 CVE
|
ATVdPAC module,
ATVdPAC module,
ATV630
+42 more
|
2025-10-14 |
| HIGH | 7.5 |
Schneider Electric EcoStruxure
ICSA-25-301-01 · 1 CVE
|
EcoStruxure OPC UA Server Expert,
EcoStruxure OPC UA Server Expert,
EcoStruxure Modicon Communication Server
|
2025-10-14 |
| CRITICAL | 10.0 |
Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXL (Update A)
ICSA-25-140-07 · 1 CVE
|
Galaxy VS,
Galaxy VS,
Galaxy VL
+3 more
|
2025-09-24 |
| MEDIUM | 6.6 |
Schneider Electric Saitel DR & Saitel DP Remote Terminal Unit
ICSA-25-261-03 · 2 CVEs
|
Schneider Electric Saitel DR RTU,
Schneider Electric Saitel DP RTU
|
2025-09-18 |
| CRITICAL | 9.8 |
Schneider Electric communication modules for Modicon M580 and Quantum controllers (Update B)
ICSA-25-058-01 · 1 CVE
|
Modicon M580 communication modules BMENOC BMENOC0321,
Modicon M580 communication modules BMECRA BMECRA31210,
Modicon M580/Quantum communication modules BMXCRA BMXCRA31200
+3 more
|
2025-09-09 |
| HIGH | 7.1 |
Schneider Electric Pro-face GP-Pro EX and Remote HMI (Update A)
ICSA-25-035-07 · 1 CVE
|
GP-Pro EX,
GP-Pro EX,
Remote HMI
+1 more
|
2025-09-09 |
| MEDIUM | 4.5 |
Schneider Electric EcoStruxure
ICSA-25-254-08 · 2 CVEs
|
EcoStruxure™ Building Operation Enterprise Server,
EcoStruxure™ Building Operation Enterprise Server,
EcoStruxure™ Building Operation Enterprise Server
+15 more
|
2025-09-09 |
| HIGH | 7.3 |
Schneider Electric SESU
ICSA-25-266-03 · 1 CVE
|
SESU,
SESU
|
2025-09-09 |
| HIGH | 8.6 |
Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H
ICSA-25-035-06 · 1 CVE
|
Modicon M340 processors,
Modbus/TCP Ethernet Modicon M340 module,
Modbus/TCP Ethernet Modicon M340 module
+4 more
|
2025-08-12 |
| HIGH | 7.5 |
Schneider Electric Modicon M340 Controller and Communication Modules
ICSA-25-238-03 · 1 CVE
|
Modicon M340,
Ethernet / Serial RTU Module,
M580 Global Data module
+5 more
|
2025-08-12 |
| MEDIUM | 6.7 |
Schneider Electric Saitel DR & Saitel DP Remote Terminal Unit
ICSA-25-240-03 · 1 CVE
|
Saitel DR RTU,
Saitel DR RTU,
Saitel DP RTU
|
2025-08-12 |
| MEDIUM | 6.5 |
Schneider Electric Modicon M340, BMXNOE0100, and BMXNOE0110
ICSA-25-254-09 · 1 CVE
|
Modicon M340,
Modbus/TCP Ethernet Modicon M340 module,
Modbus/TCP Ethernet Modicon M340 module
+2 more
|
2025-08-12 |
| HIGH | 7.8 |
Schneider Electric Vijeo Designer and EcoStruxureâ„¢ Machine Expert (Update A)
ICSA-25-014-02 · 1 CVE
|
Vijeo Designer ,
Vijeo Designer ,
Vijeo Designer
+2 more
|
2025-07-08 |
| MEDIUM | 6.5 |
Schneider Electric Modicon Controllers (Update A)
ICSA-25-175-03 · 6 CVEs
|
Modicon Controllers M241,
Modicon Controllers M241,
Modicon Controllers M251
+7 more
|
2025-07-08 |
| HIGH | 7.2 |
Schneider Electric EVLink WallBox (Update A)
ICSA-25-175-04 · 4 CVEs
|
EVLink WallBox
|
2025-07-08 |
| MEDIUM | 4.3 |
Schneider Electric EcoStruxure
ICSA-25-203-03 · 1 CVE
|
EcoStruxure™ Power Monitoring Expert (PME),
EcoStruxure™ Power Monitoring Expert (PME),
EcoStruxure™ Power Monitoring Expert (PME)
+7 more
|
2025-07-08 |
| MEDIUM | 6.9 |
Schneider Electric System Monitor Application
ICSA-25-203-05 · 1 CVE
|
Harmony Industrial PC,
Pro-face Industrial PC
|
2025-07-08 |
| CRITICAL | 10.0 |
Schneider Electric EcoStruxture IT Data Center Expert
ICSA-25-203-06 · 6 CVEs
|
EcoStruxure™ IT Data Center Expert,
EcoStruxure™ IT Data Center Expert
|
2025-07-08 |
| CRITICAL | 9.3 |
Schneider Electric Serial Modbus Driver Buffer Overflow (Update A)
ICSA-14-086-01A · 1 CVE
|
TwidoSuite,
PowerSuite,
SoMove
+13 more
|
2025-06-25 |
| MEDIUM | 6.3 |
Schneider Electric ProClima ActiveX Control Vulnerabilities
ICSA-15-335-02 · 1 CVE
|
ProClima
|
2025-06-25 |
| MEDIUM | 6.9 |
Schneider Electric Wonderware System Platform Vulnerabilities
ICSA-15-169-02 · 1 CVE
|
Wonderware System Platform 2014
|
2025-06-18 |
| CRITICAL | 9.3 |
Schneider Electric Vijeo Historian Web Server Multiple Vulnerabilities
ICSA-11-307-01 · 4 CVEs
|
Vijeo Historian,
CitectHistorian,
CitectSCADA Reports
|
2025-06-09 |
| MEDIUM | 4.6 |
CitectSCADA and Mitsubishi MX4 SCADA Batch Server Buffer Overflow
ICSA-11-279-02 · 1 CVE
|
Schneider Electric CitectSCADA using the CitectSCADA Batch Server module,
Mitsubishi MX4 SCADA using the MX4 SCADA Batch module
|
2025-06-09 |
| HIGH | 7.2 |
Schneider Electric UnitelWay Buffer Overflow
ICSA-11-277-01 · 1 CVE
|
Unity Pro Windows XP,
OPC Factory Server Windows XP,
Vijeo Citect Windows XP
+3 more
|
2025-06-09 |
| HIGH | 7.5 |
Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability
ICSA-14-135-02 · 1 CVE
|
Tableau Server,
Tableau Server
|
2025-06-09 |
| MEDIUM | 5.0 |
Schneider Electric OPC Factory Server Buffer Overflow
ICSA-14-093-01 · 1 CVE
|
TLXCDSUOFS33,
TLXCDSTOFS33,
TLXCDLUOFS33
+2 more
|
2025-06-09 |
| MEDIUM | 6.8 |
Schneider Electric StruxureWare SCADA Expert ClearSCADA Parsing Vulnerability
ICSA-14-072-01 · 1 CVE
|
ClearSCADA 2010 R2,
ClearSCADA 2010 R2.1,
ClearSCADA 2010 R3
+6 more
|
2025-06-09 |
| MEDIUM | 6.8 |
Schneider Electric OFS Buffer Overflow Vulnerability
ICSA-14-058-02 · 1 CVE
|
TLXCDSUOFS33,
TLXCDSTOFS33,
TLXCDLUOFS33
+2 more
|
2025-06-09 |
| MEDIUM | 6.9 |
Schneider Electric Floating License Manager Vulnerability
ICSA-14-058-01 · 1 CVE
|
Floating License Manager
|
2025-06-09 |
| HIGH | 7.3 |
Schneider Electric SoMachine HVAC Unsafe ActiveX Control Vulnerability
ICSA-16-196-03 · 1 CVE
|
SoMachine HVAC-Application
|
2025-06-09 |
| MEDIUM | 6.1 |
Schneider Electric PowerLogic PM8ECC Cross-site Scripting Vulnerability
ICSA-16-173-02 · 1 CVE
|
PowerLogic PM8ECC
|
2025-06-09 |
| CRITICAL | 10.0 |
Schneider Electric Quantum Ethernet Module Hard-Coded Credentials
ICSA-12-018-01B · 1 CVE
|
140NOE77101,
140NOE77111,
140NOE77100
+23 more
|
2025-06-09 |
| HIGH | 7.5 |
Schneider Electric Modicon M340 Buffer Overflow Vulnerability
ICSA-15-351-01 · 1 CVE
|
Modicon M340 PLC,
Modicon M340 PLC,
Modicon M340 PLC
+10 more
|
2025-06-09 |
| CRITICAL | 10.0 |
Schneider Electric Wonderware InTouch Access Anywhere Server Buffer Overflow Vulnerability
ICSA-15-008-02 · 1 CVE
|
InTouch Access Anywhere Server,
InTouch Access Anywhere Server
|
2025-06-06 |
| CRITICAL | 10.0 |
Schneider Electric ProClima Command Injection Vulnerabilities
ICSA-14-350-01 · 5 CVEs
|
ProClima
|
2025-06-06 |
| MEDIUM | 6.4 |
Schneider Electric SCADA Expert ClearSCADA Vulnerabilities (Update A)
ICSA-14-259-01A · 3 CVEs
|
ClearSCADA 2010,
ClearSCADA 2010,
SCADA Expert ClearSCADA 2013
+6 more
|
2025-06-06 |
| MEDIUM | 4.1 |
Schneider Electric VAMPSET Buffer Overflow
ICSA-14-254-01 · 1 CVE
|
VAMPSET
|
2025-06-06 |
| HIGH | 8.5 |
Schneider Electric PLCs Vulnerabilities
ICSA-13-077-01B · 2 CVEs
|
Modicon M340 PLC modules,
Quantum PLC modules,
Premium PLC modules
|
2025-06-06 |
| CRITICAL | 9.3 |
Schneider Electric Authenticated Communication Risk Vulnerability
ICSA-13-016-01 · 1 CVE
|
Unity Pro,
Unity Pro,
Unity Pro
+15 more
|
2025-06-06 |
| MEDIUM | 6.9 |
Schneider Electric Invensys Positioner Buffer Overflow Vulnerability
ICSA-15-055-03 · 1 CVE
|
DTM used with SRD 960 Control Valve Positioners,
DTM used with SRD 991 Control Valve Positioners
|
2025-06-06 |
| CRITICAL | 10.0 |
Schneider Electric ETG3000 FactoryCast HMI Gateway Vulnerabilities
ICSA-15-020-02 · 2 CVEs
|
TSXETG3000,
TSXETG3010,
TSXETG3021
+1 more
|
2025-06-06 |
| HIGH | 7.7 |
Schneider Electric IMT25 DTM Vulnerability
ICSA-15-223-01 · 1 CVE
|
IMT25 Magnetic Flow DTM
|
2025-06-06 |
| LOW | 1.7 |
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Password Storage Vulnerability
ICSA-15-211-01 · 1 CVE
|
InduSoft Web Studio,
InTouch Machine Edition 2014
|
2025-06-06 |
| MEDIUM | 5.0 |
Schneider Electric StruxureWare Building Expert Plaintext Credentials Vulnerability
ICSA-15-167-01 · 1 CVE
|
StruxureWare Building Expert MPM
|
2025-06-06 |
| HIGH | 7.3 |
Schneider Electric OFS Server Vulnerability (Update A)
ICSA-15-141-01A · 1 CVE
|
OPC Factory Server (OSF),
OFS,
OFS v3.5
+1 more
|
2025-06-06 |
| MEDIUM | 4.4 |
Schneider Electric VAMPSET Software Buffer Overflow Vulnerability
ICSA-15-092-01 · 1 CVE
|
VAMPSET
|
2025-06-06 |
| LOW | 2.1 |
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities (Update A)
ICSA-15-085-01A · 1 CVE
|
InduSoft Web Studio,
InTouch Machine Edition 2014
|
2025-06-06 |
| HIGH | 7.5 |
Schneider Electric Pelco DS-NVs Buffer Overflow Vulnerability
ICSA-15-071-01 · 1 CVE
|
Pelco DS-NVs
|
2025-06-06 |
| HIGH | 7.5 |
Schneider Electric Multiple Products Buffer Overflow Vulnerability
ICSA-15-027-02 · 1 CVE
|
Unity Pro,
SoMachine,
SoMove
+9 more
|
2025-06-06 |
| CRITICAL | 10.0 |
SchneiderWEB Server Directory Traversal Vulnerability
ICSA-14-273-01 · 1 CVE
|
SchneiderWEB web HMI,
SchneiderWEB web HMI,
SchneiderWEB web HMI
+63 more
|
2025-06-06 |
| HIGH | 7.8 |
Schneider Electric Wonderware Vulnerabilities
ICSA-14-238-02 · 5 CVEs
|
Wonderware Information Server Portal,
Wonderware Information Server Portal,
Wonderware Information Server Portal
+1 more
|
2025-06-06 |
| MEDIUM | 4.3 |
Schneider Electric ClearSCADA Uncontrolled Resource Consumption Vulnerability
ICSA-14-014-01 · 1 CVE
|
ClearSCADA 2010 R2,
ClearSCADA 2010 R2.1,
ClearSCADA 2010 R3
+4 more
|
2025-06-06 |
| MEDIUM | 5.0 |
Schneider Electric Telvent SAGE RTU DNP3 Improper Input Validation Vulnerability
ICSA-14-006-01 · 1 CVE
|
Telvent SAGE 3030 remote terminal unit (RTU),
Telvent SAGE 3030,
Telvent SAGE 3030
|
2025-06-06 |
| HIGH | 7.8 |
Schneider Electric CitectSCADA Products Exception Handler Vulnerability (Update A)
ICSA-13-350-01A · 1 CVE
|
StruxureWare SCADA Expert Vijeo Citect,
Vijeo Citect,
CitectSCADA
+2 more
|
2025-06-06 |
| CRITICAL | 9.3 |
Schneider Electric Trio J-Series Radio Encryption
ICSA-13-234-01 · 1 CVE
|
Trio J-Series Radio TBURJR900-00002DH0,
Trio J-Series Radio TBURJR900-01002DH0,
Trio J-Series Radio TBURJR900-05002DH0
+5 more
|
2025-06-06 |
| MEDIUM | 6.9 |
Schneider Electric Vijeo Citect, CitectSCADA, PowerLogic SCADA Vulnerability
ICSA-13-217-02 · 1 CVE
|
Vijeo Citect,
CitectSCADA,
PowerLogic SCADA
|
2025-06-06 |
| MEDIUM | 5.4 |
Schneider Electric Modicon PLC Vulnerabilities
ICSA-15-246-02 · 2 CVEs
|
Modicon PLC,
Modicon PLC,
Modicon PLC
+8 more
|
2025-06-06 |
| MEDIUM | 6.6 |
Schneider Electric MiCOM S1 Studio Improper Authorization Vulnerability
ICSA-13-100-01 · 1 CVE
|
MiCOM S1 Studio Software
|
2025-06-06 |
| CRITICAL | 10.0 |
Schneider Electric Accutech Manager Heap Overflow
ICSA-13-043-01 · 1 CVE
|
accutech Manager
|
2025-06-06 |
| CRITICAL | 10.0 |
Schneider Electric IGSS Buffer Overflow
ICSA-13-018-01 · 1 CVE
|
IGSS application
|
2025-06-06 |
| MEDIUM | 5.0 |
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities
ICSA-15-085-01 · 4 CVEs
|
InduSoft Web Studio,
InTouch Machine Edition 2014
|
2025-06-05 |
| HIGH | 7.5 |
Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B)
ICSA-16-308-02B · 2 CVEs
|
Magelis GTO Advanced Optimum Panels,
Magelis GTU Universal Panel,
Magelis STO5xx and STU Small panels
+4 more
|
2025-06-05 |
| HIGH | 7.5 |
Schneider Electric Unity PRO Control Flow Management Vulnerability
ICSA-16-306-03 · 1 CVE
|
Unity PRO
|
2025-06-05 |
| CRITICAL | 10.0 |
Schneider Electric ConneXium Buffer Overflow Vulnerability
ICSA-16-306-01 · 1 CVE
|
ConneXium TCSEFEC23F3F20 firewall,
ConneXium TCSEFEC23F3F21 firewall,
ConneXium TCSEFEC23FCF20 firewall
+2 more
|
2025-06-05 |
| CRITICAL | 9.1 |
Schneider Electric PowerLogic PM8ECC Hard-coded Password Vulnerability
ICSA-16-292-01 · 1 CVE
|
PowerLogic PM8ECC
|
2025-06-05 |
| MEDIUM | 5.0 |
Schneider Electric StruxureWare Building Expert Plaintext Credentials Vulnerability
ICSA-15-258-01 · 1 CVE
|
StruxureWare Building Expert, multi-purpose management device (MPM)
|
2025-06-05 |
| MEDIUM | 5.3 |
Schneider Electric Telvent RTU Improper Ethernet Frame Padding Vulnerability
ICSA-16-070-01 · 1 CVE
|
Sage 3030M firmware,
Sage 1410 firmware,
Sage1430 firmware
+4 more
|
2025-06-05 |
| HIGH | 7.2 |
Schneider Electric Building Operation Automation Server Vulnerability
ICSA-16-061-01 · 1 CVE
|
Automation Server
|
2025-06-05 |
| CRITICAL | 9.8 |
Schneider Electric Wiser Home Automation
ICSA-25-153-01 · 1 CVE
|
Wiser AvatarOn 6K Freelocate,
Wiser Cuadro H 5P Socket
|
2025-06-03 |
| MEDIUM | 5.3 |
Schneider Electric EcoStruxure Power Build Rapsody
ICSA-25-135-20 · 1 CVE
|
EcoStruxure Power Build Rapsody
|
2025-05-15 |
| MEDIUM | 5.3 |
Schneider Electric EcoStruxure Power Build Rapsody
ICSA-25-023-05 · 1 CVE
|
EcoStruxure Power Build Rapsody,
EcoStruxure Power Build Rapsody,
EcoStruxure Power Build Rapsody
+5 more
|
2025-05-13 |
| HIGH | 7.1 |
Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update B)
ICSA-25-037-01 · 1 CVE
|
EcoStruxure Power Monitoring Expert (PME),
EcoStruxure Power Monitoring Expert (PME),
EcoStruxure Power Monitoring Expert (PME)
|
2025-05-13 |
| CRITICAL | 9.8 |
Schneider Electric PrismaSeT Active - Wireless Panel Server
ICSA-25-140-06 · 1 CVE
|
PrismaSeT Active - Wireless Panel Server
|
2025-05-13 |
| MEDIUM | 5.3 |
Schneider Electric EcoStruxure Power Build Rapsody
ICSA-25-153-02 · 1 CVE
|
EcoStruxure™ Power Build Rapsody software,
EcoStruxure™ Power Build Rapsody software
|
2025-05-13 |
| HIGH | 7.5 |
Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update A)
ICSA-25-035-04 · 1 CVE
|
Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety),
Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety),
Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)
+5 more
|
2025-04-08 |
| MEDIUM | 6.8 |
Schneider Electric Trio Q Licensed Data Radio
ICSA-25-107-01 · 3 CVEs
|
Trio™ Q Licensed Data Radio,
Trio™ Q Licensed Data Radio
|
2025-04-08 |
| HIGH | 7.8 |
Schneider Electric ConneXium Network Manager Software
ICSA-25-107-03 · 2 CVEs
|
ConneXium Network Manager,
ConneXium Network Manager
|
2025-04-08 |
| MEDIUM | 6.8 |
Schneider Electric EcoStruxure Power Automation System User Interface (EPAS-UI)
ICSA-25-077-01 · 1 CVE
|
EcoStruxure Power Automation System User Interface (EPAS-UI)
|
2025-03-18 |
| CRITICAL | 9.8 |
Schneider Electric EcoStruxure Power Automation System
ICSA-25-077-03 · 1 CVE
|
WebHMI,
EPAS User Interface,
WebHMI_Fix_users_for_Standard
|
2025-03-11 |
| MEDIUM | 6.0 |
Schneider Electric EcoStruxure Panel Server
ICSA-25-077-04 · 1 CVE
|
EcoStruxure Panel Server,
EcoStruxure Panel Server,
EcoStruxure Power Commission
|
2025-03-11 |
| HIGH | 8.1 |
Schneider Electric ASCO 5310/5350 Remote Annunciator
ICSA-25-077-05 · 4 CVEs
|
ASCO 5310 Single-Channel Remote Annunciator,
ASCO 5350 Eight Channel Remote Annunciator
|
2025-02-11 |
| HIGH | 7.8 |
Schneider Electric EcoStruxureâ„¢
ICSA-25-079-01 · 1 CVE
|
EcoStruxure™ Process Expert,
EcoStruxure™ Process Expert,
EcoStruxure™ Process Expert 2023
+4 more
|
2025-02-11 |
| MEDIUM | 6.5 |
Schneider Electric Enerlin’X IFE and eIFE
ICSA-25-079-02 · 3 CVEs
|
Enerlin'X IFE interface,
Enerlin'X eIFE,
Enerlin'X IFE interface
+3 more
|
2025-02-11 |
| CRITICAL | 10.0 |
Schneider Electric Modicon Controllers
ICSA-25-114-01 · 22 CVEs
|
Modicon M580,
Modicon M580,
Modicon M580
+27 more
|
2025-02-11 |
| HIGH | 7.8 |
Schneider Electric Web Designer for Modicon
ICSA-25-035-05 · 1 CVE
|
Web Designer for BMXNOR0200H,
Web Designer for BMXNOE0110(H),
Web Designer for BMENOC0311(C)
+1 more
|
2025-02-04 |
| HIGH | 8.8 |
Schneider Electric Power Logic
ICSA-25-028-02 · 2 CVEs
|
Schneider Electric Power Logic,
Schneider Electric Power Logic
|
2025-01-28 |
| MEDIUM | 5.3 |
Schneider Electric PowerChute Serial Shutdown
ICSA-25-010-01 · 1 CVE
|
PowerChute Serial Shutdown,
PowerChute Serial Shutdown
|
2024-12-10 |
| HIGH | 8.8 |
Schneider Electric Harmony HMI and Pro-Face HMI Products
ICSA-25-010-02 · 1 CVE
|
Harmony with EcoStruxureTM Operator Terminal Expert runtime,
Pro-face HMI with Pro-face BLUE runtime
|
2024-12-10 |
| HIGH | 7.5 |
Schneider Electric Modicon M340, MC80, and Momentum Unity M1E
ICSA-24-326-03 · 2 CVEs
|
Modicon M340 CPU,
Modicon M340 CPU,
Modicon MC80
+1 more
|
2024-11-12 |
| CRITICAL | 9.8 |
Schneider Electric EcoStruxure IT Gateway
ICSA-24-326-05 · 1 CVE
|
EcoStruxure™ IT Gateway,
EcoStruxure™ IT Gateway,
EcoStruxure™ IT Gateway
+2 more
|
2024-11-12 |
| HIGH | 7.5 |
Schneider Electric PowerLogic PM5300 Series
ICSA-24-326-06 · 1 CVE
|
PowerLogic PM5320,
PowerLogic PM5340,
PowerLogic PM5341
+3 more
|
2024-11-12 |
| HIGH | 8.1 |
Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC
ICSA-24-331-01 · 2 CVEs
|
PowerLogic PM5560,
PowerLogic PM5561,
PowerLogic PM5562
+7 more
|
2024-11-12 |
| HIGH | 7.8 |
Schneider Electric Zelio Soft 2
ICSA-24-284-14 · 2 CVEs
|
Zelio Soft 2
|
2024-10-10 |
| HIGH | 7.2 |
Schneider Electric Data Center Expert
ICSA-24-289-02 · 2 CVEs
|
Data Center Expert,
Data Center Expert
|
2024-10-08 |
| HIGH | 7.2 |
Schneider Electric Data Center Expert
ICSA-25-016-08 · 2 CVEs
|
Data Center Expert,
Data Center Expert
|
2024-10-08 |
| HIGH | 8.5 |
Schneider Electric EVlink Home Smart and Schneider Charge
ICSA-25-023-03 · 1 CVE
|
EVlink Home Smart,
EVlink Home Smart,
Schneider Charge
+1 more
|
2024-10-08 |
| HIGH | 7.8 |
Schneider Electric Easergy Studio
ICSA-25-023-04 · 1 CVE
|
Easergy Studio ,
Easergy Studio
|
2024-10-08 |
| CRITICAL | 9.8 |
Schneider Electric System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs
ICSA-25-030-03 · 1 CVE
|
System Monitor application in Harmony Industrial PC,
System Monitor application in Pro-face Industrial PC
|
2024-10-08 |
| MEDIUM | 6.1 |
Schneider Electric PowerLogic P5
ICSA-24-331-02 · 1 CVE
|
PowerLogic P5,
PowerLogic P5 Wave
|
2024-09-10 |
| MEDIUM | 5.4 |
Schneider Electric EcoStruxure
ICSA-25-014-03 · 1 CVE
|
EcoStruxure™ Power Monitoring Expert (PME) 2021,
EcoStruxure™ Power Monitoring Expert (PME) 2020,
EcoStruxure™ Power Operation (EPO) 2022
+7 more
|
2024-09-10 |
| HIGH | 7.5 |
Schneider Electric Accutech Manager
ICSA-24-354-06 · 1 CVE
|
Accutech Manager,
Accutech Manager
|
2024-08-13 |
| HIGH | 8.1 |
Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340, M580 and M580 Safety PLCs
ICSA-24-331-03 · 3 CVEs
|
Modicon M340 CPU (part numbers BMXP34*),
Modicon M580 CPU (part numbers BMEP* and BMEH* excluding M580 CPU Safety),
Modicon M580 CPU Safety
+9 more
|
2024-07-09 |
| HIGH | 7.8 |
Schneider Electric EcoStruxure Foxboro DCS Core Control Services
ICSA-24-345-02 · 3 CVEs
|
EcoStruxureTM Foxboro DCS Core Control Services,
EcoStruxureTM Foxboro DCS Core Control Services,
EcoStruxureTM Foxboro DCS Core Control Services
|
2024-07-09 |
| HIGH | 7.3 |
Schneider Electric FoxRTU Station
ICSA-24-345-03 · 1 CVE
|
FoxRTU Station,
FoxRTU Station
|
2024-07-09 |
| CRITICAL | 9.8 |
Schneider Electric Sage Series
ICSA-25-107-02 · 6 CVEs
|
Sage 1410,
Sage 1430,
Sage 1450
+9 more
|
2024-07-09 |
| CRITICAL | 9.8 |
Schneider Electric APC Easy UPS Online Monitoring Software (Update A)
ICSA-23-108-02 · 3 CVEs
|
APC Easy UPS Online Monitoring Software,
Schneider Electric Easy UPS Online Monitoring Software
|
2024-06-11 |
| HIGH | 7.8 |
Schneider Electric EcoStruxure Power Design
ICSA-24-072-01 · 1 CVE
|
EcoStruxure Power Design - Ecodial NL,
EcoStruxure Power Design - Ecodial INT,
EcoStruxure Power Design - Ecodial FR
|
2024-03-12 |
| HIGH | 7.8 |
Schneider Electric Easergy Studio
ICSA-24-011-05 · 1 CVE
|
Easergy Studio
|
2024-01-11 |
| MEDIUM | 5.3 |
Schneider Electric Easy UPS Online Monitoring Software
ICSA-23-346-01 · 1 CVE
|
Easy UPS Online Monitoring Software (Windows 10, 11, Windows Server 2016, 2019, 2022)
|
2023-12-12 |
| CRITICAL | 9.8 |
Schneider Electric SpaceLogic C-Bus Toolkit
ICSA-23-306-06 · 2 CVEs
|
SpaceLogic C-Bus Toolkit
|
2023-11-02 |
| CRITICAL | 9.8 |
Schneider Electric EcoStruxure Power Monitoring Expert and Power Operation Products
ICSA-23-290-01 · 1 CVE
|
EcoStruxure Power Monitoring Expert,
EcoStruxure Power Operation with Advanced Reports,
EcoStruxure Power SCADA Operation with Advanced Reports
|
2023-10-17 |
| HIGH | 7.8 |
Schneider Electric IGSS
ICSA-23-220-01 · 2 CVEs
|
IGSS Dashboard (DashBoard.exe)
|
2023-10-12 |
| HIGH | 8.8 |
Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters
ICSA-23-229-03 · 1 CVE
|
PowerLogic ION9000,
PowerLogic ION7400,
PowerLogic PM8000
+3 more
|
2023-08-17 |
| HIGH | 8.1 |
Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU
ICSA-23-227-01 · 1 CVE
|
EcoStruxure Control Expert,
EcoStruxure Process Expert,
Modicon M340 CPU (part numbers BMXP34*)
+4 more
|
2023-08-15 |
| HIGH | 7.5 |
Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers
ICSA-23-201-01 · 1 CVE
|
EcoStruxure Control Expert,
EcoStruxure Process Expert,
Modicon M340 CPU (part numbers BMXP34*)
+5 more
|
2023-07-20 |
| HIGH | 7.8 |
Schneider Electric EcoStruxure Operator Terminal Expert
ICSA-23-180-02 · 1 CVE
|
EcoStruxure Operator Terminal Expert
|
2023-06-29 |
| HIGH | 8.8 |
Schneider Electric IGSS
ICSA-23-082-04 · 8 CVEs
|
IGSS Data Server (IGSSdataServer.exe),
IGSS Dashboard (DashBoard.exe),
Custom Reports (RMS16.dll)
|
2023-04-03 |
| CRITICAL | 9.0 |
Schneider Electric Triconex Tricon
ICSA-18-107-02 · 2 CVEs
|
MP Model 3008
|
2018-12-18 |
Get Schneider Electric Vulnerability Alerts
Don't check manually — OTWarden emails you when CISA publishes new Schneider Electric ICS advisories, filtered to your specific equipment.
Start 14-Day Free Trial →