CVE-2020-7494

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.1:-:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.1:sp1:*:*:*:*:*:*

History

No history.

Information

Published : 2020-06-16 20:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-7494

Mitre link : CVE-2020-7494

CVE.ORG link : CVE-2020-7494


JSON object : View

Products Affected

schneider-electric

  • ecostruxure_operator_terminal_expert
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')