A CWE-20: Improper Input Validation vulnerability exists in EcoStruxureâ„¢ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2021-012-01/ |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: schneider
Published: 2021-01-25T17:08:37
Updated: 2024-08-04T16:33:58.933Z
Reserved: 2020-11-05T00:00:00
Link: CVE-2020-28221

No data.

Status : Modified
Published: 2021-01-26T18:15:47.600
Modified: 2024-11-21T05:22:30.077
Link: CVE-2020-28221

No data.