HIGHCVE-2026-1286Published Modified CNA schneider
CVE-2026-1286: CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file.
Metrics
- CVSS v4.0
- 7.0
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- Schneider Electric / EcoStruxure™ Foxboro DCSVersions prior to CS8.1
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences