CVE-2023-1049

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jun 14, 2023

Updated: Jun 22, 2023

CWE ID 94

Summary

CVE-2023-1049 is a newly discovered vulnerability affecting HMI (Human-Machine Interface) software. This issue, classified as CWE-94: Improper Control of Generation of Code ('Code Injection'), allows malicious code execution when an unsuspecting user opens a project file from their local filesystem. The vulnerability could potentially lead to significant security risks, including unauthorized system access or data theft. Users are strongly advised to update their software or take other necessary precautions to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Schneider Electric SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/roB3lU
https://www.cve.org/CVERecord?id=CVE-2023-1049
https://nvd.nist.gov/vuln/detail/CVE-2023-1049

Back to Vulnerability Database

CVE-2023-1049

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations