Vulnerability CVE-2023-25549
Published: 2023-04-18

Description:







A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
allows for remote code execution when using a parameter of the DCE network settings
endpoint.








Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Type:

CWE-94

 (Improper Control of Generation of Code ('Code Injection'))

 References:
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Copyright 2026, cxsecurity.com

 

Back to Top