Vulnerability Details CVE-2020-7474
A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProSoft Configurator (v1.002 and prior), for the PMEPXM0100 (H) module, which could cause the execution of untrusted code when using double click to open a project file which may trigger execution of a malicious DLL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.4
References
Products affected by CVE-2020-7474
-
cpe:2.3:a:schneider-electric:pmepxm0100_prosoft_configurator:1.002