Se: Security Vulnerabilities
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering
of device configuration over NFC communication.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-14
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that
could cause loss of confidentiality when replacing a project file on the local filesystem and after
manual restart of the server.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-07-12
A CWE-88: Argument Injection or Modification vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause unauthorized write access when opening the project file.
CVSS Score
7.8
EPSS Score
0.003
Published
2020-06-16