4 matches found
The vulnerabilities of software for network design, calculation of electrical network parameters, and procurement of EcoStruxure Power Design/Ecodial (formerly Ecodial) equipment relate to shortcomings in the deserialization mechanism, allowing attackers to execute arbitrary code.
The vulnerability of software for designing electrical power networks, calculating network electrical parameters, and selecting equipment for EcoStruxure Power Design/Ecodial formerly Ecodial stems from deficiencies in the deserialization mechanism during file loading. Exploiting this vulnerabili...
Vulnerability fixed in Schneider Electric EcoStruxure Power Design
Schneider Electric has fixed a vulnerability in EcoStruxure Power Design. A malicious party could exploit the vulnerability to execute arbitrary code with privileges of the Power Design user. Successful exploitation requires the malicious party to trick the victim into opening and executing a rog...
Schneider Electric EcoStruxure Power Design
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low Attack Complexity Vendor : Schneider Electric Equipment : EcoStruxure Power Design Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability may allow for arbitrary code execution...
PT-2024-2220 · Schneider Electric · Ecostruxure Power Design - Ecodial
Name of the Vulnerable Software and Affected Versions: EcoStruxure Power Design - Ecodial affected versions not specified Description: A Deserialization of Untrusted Data issue exists, potentially allowing remote code execution when a malicious project file is loaded into the application by a val...