CRITICAL🇵🇱 Wersja polska

CVE-2020-7489

CVSS 9.8v3.1pub. 2020-04-22upd. 2026-05-28

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Schneider Electric Ecostruxure Machine Expert

    APP
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Modicon M100

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Modicon M100 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Modicon M200

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Modicon M200 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Modicon M221

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Modicon M221 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Somachine Basic

    APP
    Schneider-Electric
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-22704CRITICAL9.1ten sam produkt

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Prod...

CVE-2020-7487CRITICAL9.8ten sam produkt

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker ...

CVE-2018-7790CRITICAL9.8ten sam produkt

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all referen...

CVE-2018-7791CRITICAL9.8ten sam produkt

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 produc...

CVE-2021-22705HIGH7.8ten sam produkt

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause ...