Lucene search
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500405.NASLHistoryAug 10, 2021 - 12:00 a.m.
Se Ecostruxure Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
2021-08-1000:00:00
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
0.002 Low
EPSS
Percentile
61.6%
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’) vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.
File data ot_500405.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| se | ecostruxure_machine_expert | * | cpe:2.3:a:se:ecostruxure_machine_expert:*:*:*:*:*:*:*:* |
| se | somachine_basic | * | cpe:2.3:a:se:somachine_basic:*:*:*:*:*:*:*:* |
| se | modicon_m100_firmware | * | cpe:2.3:o:se:modicon_m100_firmware:*:*:*:*:*:*:*:* |
| se | modicon_m200_firmware | * | cpe:2.3:o:se:modicon_m200_firmware:*:*:*:*:*:*:*:* |
| se | modicon_m221_firmware | * | cpe:2.3:o:se:modicon_m221_firmware:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2020-04-22 19:15:00
nessus
nessus
Schneider Electric EcoStruxure Machine Expert Injection (CVE-2020-7489)
2023-03-01 00:00:00
cvelist
cvelist
CVE-2020-7489
2020-04-22 18:15:57
cve
cve
CVE-2020-7489
2020-04-22 19:15:11
nvd
nvd
CVE-2020-7489
2020-04-22 19:15:11