CVE-2020-7493

Summary

A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file.

Affected Software

VendorProductVersion RangeStatus
n/aEcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)affected

Weaknesses

  • CWE-89: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CVE Program Container

Additional References

References