CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering workstation.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NSchneider Electric Ecostruxure Control Expert
APPSchneider-Electric< 16.0Schneider Electric Ecostruxure Process Expert
APPSchneider-Electric< 2023
Related vulnerabilities
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unaut...
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted inp...
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V1...
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on ...
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), ...