Unrated severityNVD Advisory· Published Apr 22, 2020· Updated Aug 4, 2024

CVE-2020-7489

Description

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.

Affected products

Schneider Electric/EcoStruxure Machine Expert – Basic or SoMachine Basic programming softwaredescription
Schneider Electric/SoMachine Basicllm-fuzzy
Range: versions in security notification

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.se.com/ww/en/download/document/SEVD-2020-105-01mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000