A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions before 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20), Modicon M580 (all versions prior to V3.10), which, if exploited, could allow malicious users to transfer malicious code to the controller.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
schneider-electric ecostruxure control expert |
||
schneider-electric unity pro |
||
schneider-electric modicon_m340_firmware |
||
schneider-electric modicon_m580_firmware |