Schneider-Electric: >> Hmi Sto 501 Security Vulnerabilities
A CWE-20: Improper Input Validation vulnerability exists in EcoStruxureâ„¢ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-01-26