CVE-2020-7528
7.8HIGHA CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which could allow arbitrary code execution when an attacker builds a custom .PRJ
Publicado: 9/16/2020Actualizado: 11/21/2024
Descripción
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer.
Análisis IAImpulsado por IA
Productos Afectados
schneider-electricscadapack_7x_remote_connect
Referencias
- https://www.se.com/ww/en/download/document/SEVD-2020-252-01/Vendor Advisory
- https://www.se.com/ww/en/download/document/SEVD-2020-252-01/Vendor Advisory