Critical severity9.8NVD Advisory· Published Apr 22, 2020· Updated Jun 17, 2026
CVE-2020-7489
CVE-2020-7489
Description
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.
Affected products
3- Schneider Electric/EcoStruxure Machine Expert – Basic or SoMachine Basic programming softwaredescription
Patches
Vulnerability mechanics
References
1- www.se.com/ww/en/download/document/SEVD-2020-105-01nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.