CVE-2020-7493

A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file.
References
Configurations

Configuration 1

cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.1:sp1:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.1:-:*:*:*:*:*:*

Information

Published : 2020-06-16 08:15

Updated : 2020-06-17 08:15


NVD link : CVE-2020-7493

Mitre link : CVE-2020-7493

Products Affected
No products.
CWE