Vulnerability Details CVE-2026-1286
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 23.4%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-1286
-
cpe:2.3:a:schneider-electric:ecostruxure_foxboro_dcs_control_software:8.0
-
cpe:2.3:a:schneider-electric:ecostruxure_foxboro_dcs_control_software:8.0.1