A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.
References
Link | Resource |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2020-105-01 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: schneider
Published: 2020-04-22T18:15:57
Updated: 2020-04-22T18:15:57
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7489
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-22T19:15:11.777
Modified: 2022-01-31T20:49:14.197
Link: CVE-2020-7489
JSON object: View
Redhat Information
No data.
CWE