CVE-2020-7489

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.
References
Configurations

Configuration 1

cpe:2.3:a:schneider-electric:somachine_basic:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_machine_expert:*:*:*:*:*:*:*:*

Information

Published : 2020-04-22 07:15

Updated : 2022-01-31 08:49


NVD link : CVE-2020-7489

Mitre link : CVE-2020-7489

CWE