2 matches found
CVE-2022-0221
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system...
CVE-2022-0221
CVE-2022-0221 describes an XML External Entity (XXE) vulnerability in Schneider Electric SCADAPack Workbench (versions up to 6.6.8a). The flaw arises when opening a malicious solution file, allowing information disclosure by passing data from local files to a remote attacker-controlled system. Ex...