CVE-2026-2273

HIGH(8.2)

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Risk Signal Score21/100 — NIEDRIG

CVSS 8.2 — Hoch

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

8.2

Technische Schwere

Beschreibung

CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of the subsequent system when an authenticated user opens a malicious project file.

Referenzen

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-069-04&p_enDoc...