2 matches found
CVE-2022-41669
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal ExpertV3.3...
CVE-2022-41669
Schneider Electric EcoStruxure Operator Terminal Expert and Pro-face BLUE are affected by CVE-2022-41669 due to improper verification of cryptographic signatures in the SGIUtility component. An attacker with local user privileges can load a malicious DLL, potentially executing arbitrary code on t...