CVE-2022-41668

7.0HIGH

A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local user privileges to load a project file from an adversary-controlled network share which could result in

Опубликовано: 11/4/2022Обновлено: 11/21/2024
Посмотреть на NVDПосмотреть на MITRE

Описание

A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local user privileges to load a project file from an adversary-controlled network share which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).

ИИ-АнализНа базе ИИ

Затронутые продукты

schneider-electricecostruxure_operator_terminal_expert
schneider-electricecostruxure_operator_terminal_expert
3.3
schneider-electricecostruxure_operator_terminal_expert
3.3
schneider-electricpro-face_blue
schneider-electricpro-face_blue
3.3
schneider-electricpro-face_blue
3.3

Ссылки