A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’) vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.
File data ot_500405.nasl
Vendor | Product | Version | CPE |
---|---|---|---|
se | ecostruxure_machine_expert | * | cpe:2.3:a:se:ecostruxure_machine_expert:*:*:*:*:*:*:*:* |
se | somachine_basic | * | cpe:2.3:a:se:somachine_basic:*:*:*:*:*:*:*:* |
se | modicon_m100_firmware | * | cpe:2.3:o:se:modicon_m100_firmware:*:*:*:*:*:*:*:* |
se | modicon_m200_firmware | * | cpe:2.3:o:se:modicon_m200_firmware:*:*:*:*:*:*:*:* |
se | modicon_m221_firmware | * | cpe:2.3:o:se:modicon_m221_firmware:*:*:*:*:*:*:*:* |