Critical severity9.8NVD Advisory· Published Jan 26, 2021· Updated Jun 17, 2026
CVE-2020-28221
CVE-2020-28221
Description
A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.
Affected products
2- EcoStruxure/EcoStruxure™ Operator Terminal Expert and Pro-face BLUEdescription
Patches
Vulnerability mechanics
References
1- www.se.com/ww/en/download/document/SEVD-2021-012-01/nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.