Unrated severityNVD Advisory· Published Mar 23, 2020· Updated Aug 4, 2024
CVE-2020-7475
CVE-2020-7475
Description
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20), Modicon M580 (all versions prior to V3.10), which, if exploited, could allow attackers to transfer malicious code to the controller.
Affected products
5- Schneider Electric/EcoStruxure Control Expertdescription
- Range: <V3.10
- Range: <14.1 Hot Fix
- Range: <V3.20
Patches
Vulnerability mechanics
References
1- www.se.com/ww/en/download/document/SEVD-2020-080-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.