Aggregates CVE and security vulnerability intelligence across all schneider_electric-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow, vendor risk cross-site scripting, and vendor risk memory corruption and related problems; some flaws may lead to vendor impact application crash.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-5157 | An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. The homeLYnk controller is susceptible to a cross-site scripting attack. User inputs can be manipulated to cause execution of JavaScript code. | [email protected] | 6.1 | 1.46% | 2017-02-13 | 2026-05-13 |
| CVE-2014-9188 | Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on details provided by researchers. | [email protected] | 10.0 | 6.12% | 2014-12-27 | 2026-05-06 |
| CVE-2014-8514 | Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers. | [email protected] | 7.5 | 4.00% | 2014-12-27 | 2026-05-06 |
| CVE-2014-8513 | Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8514 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers. | [email protected] | 7.5 | 2.95% | 2014-12-27 | 2026-05-06 |
| CVE-2014-8512 | Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8511. NOTE: this may be clarified later based on details provided by researchers. | [email protected] | 7.5 | 3.93% | 2014-12-27 | 2026-05-06 |
| CVE-2013-0662 | Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header. | [email protected] | 9.3 | 22.12% | 2014-04-01 | 2026-05-06 |