PT-2026-24258 · Schneider Electric · Ecostruxure™ Foxboro Dcs+1
Published
2026-03-10
·
Updated
2026-03-25
·
CVE-2026-1286
CVSS v4.0
7.0
High
| Vector | AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Versions prior to 2026-1286
Description
A flaw exists due to the deserialization of untrusted data. This issue could result in a loss of confidentiality and integrity, and potentially allow for remote code execution on a workstation. The issue occurs when an administrator authenticated user opens a malicious project file.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ecostruxure™ Foxboro Dcs
Foxboro Dcs