Known Vulnerabilities
CVE-2023-1548
A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. Affected Products: EcoStruxure Control Expert (V15.1 and above)
MEDIUM
CVSS 5.5
Published Apr 18, 2023
CVE-2023-27976
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected Products: EcoStruxure Control Expert (V15.1 and above)
HIGH
CVSS 8.8
Published Apr 18, 2023