PT-2024-10225 · Schneider Electric · Schneider Electric RemoteConnect +1

Published: 2024-12-17 · Updated: 2025-02-06 · CVE-2024-12703

CVSS v4.0: 8.5 (High)

Vector: AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Schneider Electric RemoteConnect and SCADAPack x70 Utilities are affected by a deserialization of untrusted data issue. It could lead to loss of confidentiality and integrity, and potentially to remote code execution on a workstation, when a non-admin authenticated user opens a malicious project file. More information about the issue can be found at https://t.co/qWVtHJNLEz, https://t.co/uXvPWJy6tj, and https://t.co/YXYqVha4iH.

Fix

RCE

Deserialization of Untrusted Data

Weakness Enumeration

Related Identifiers

BDU:2025-00560
CVE-2024-12703

Affected Products

SCADAPack x70 Utilities
Schneider Electric RemoteConnect