CVE-2022-26507
The vulnerabilities reported on XDemill and XMilI are triggered through the execution of a malicious script on the engineering workstation, or when loading a specially crafted project file into the engineering tool. The successful exploitation of these vulnerabilities may lead to code execution with elevated privileges on the engineering workstation.
Risk Information
- CVE ID
- CVE-2022-26507
- Vendor
- Schneider Electric
- Product
- AT&T Compressor (XMilI), Decompressor (XDemill)
- CVSS v3
- n/a