Unrated severityNVD Advisory· Published Mar 10, 2026· Updated Mar 10, 2026
CVE-2026-2273
CVE-2026-2273
Description
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of the subsequent system when an authenticated user opens a malicious project file.
Affected products
1- Schneider Electric/EcoStruxure™ Automation Expertv5Range: Versions prior to v25.0.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.