Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:ecostruxure™_operator_terminal_expert_3.1_service_pack_1a_and_prior_running_on_harmony_hmis_hmist6_series,_hmig3u_in_hmigtu_series,_hmisto_series_and_pro-face_blue_3.1_service_pack_1a_and_prior_running_on_pro-face_hmis:_st6000_series,_sp-5b41_in_sp5000_series,_gp4100_series:*:*:*:*:*:*:*:*

part: a version: _st6000_series,_sp-5b41_in_sp5000_series,_gp4100_series update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductEcostruxure™ Operator Terminal Expert 3.1 Service Pack 1A And Prior Running On Harmony Hmis Hmist6 Series, Hmig3U In Hmigtu Series, Hmisto Series And Pro Face Blue 3.1 Service Pack 1A And Prior Running On Pro Face Hmis (0124bda5-7db7-5795-954f-1e403c05ac00)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-28221 vulnerable 2026-06-08 05:23:53.884525 Details available
A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.
Published: 2021-01-25T17:08:37.000Z
Updated: 2024-08-04T16:33:58.933Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.