VYPR
Critical severity9.8NVD Advisory· Published Jan 26, 2021· Updated Jun 17, 2026

CVE-2020-28221

CVE-2020-28221

Description

A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.

Affected products

2
  • EcoStruxure/EcoStruxure™ Operator Terminal Expert and Pro-face BLUEdescription
  • Pro Face/BLUEllm-fuzzy

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.