漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of the subsequent system when an authenticated user opens a malicious project file.
CVSS Information
N/A
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Schneider Electric EcoStruxure Automation Expert 代码注入漏洞
Vulnerability Description
Schneider Electric EcoStruxure Automation Expert是法国施耐德电气(Schneider Electric)公司的一个工业自动化系统的软件平台。 Schneider Electric EcoStruxure Automation Expert存在代码注入漏洞,该漏洞源于代码生成控制不当,可能导致在工程工作站上执行不受信任的命令,从而损害工作站的机密性、完整性和可用性。
CVSS Information
N/A
Vulnerability Type
N/A