{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T12:05:42.361","vulnerabilities":[{"cve":{"id":"CVE-2023-1049","sourceIdentifier":"cybersecurity@se.com","published":"2023-06-14T08:15:08.773","lastModified":"2024-11-21T07:38:21.647","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nA CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that\ncould cause execution of malicious code when an unsuspicious user loads a project file from the\nlocal filesystem into the HMI.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@se.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3","matchCriteriaId":"5705916B-E189-4314-AD32-C8D42991DFA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.3:-:*:*:*:*:*:*","matchCriteriaId":"A6EAEC62-F689-43A2-8EDB-68867661ED92"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.3:sp1:*:*:*:*:*:*","matchCriteriaId":"17F5EDCD-B9E6-40D7-88FC-C2685384C5B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:pro-face_blue:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3","matchCriteriaId":"297C4149-AA1F-4033-BD74-0FB908783399"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:pro-face_blue:3.3:-:*:*:*:*:*:*","matchCriteriaId":"FB229476-7E0C-46ED-817D-C9A72250CC5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:pro-face_blue:3.3:sp1:*:*:*:*:*:*","matchCriteriaId":"78D3C9DF-3354-47E0-881F-4B59CE22BCF7"}]}]}],"references":[{"url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-01.pdf","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}