Schneider Electric EcoStruxure Foxboro DCS
Summary
Schneider Electric has identified a deserialization vulnerability in its EcoStruxure Foxboro DCS Control Software affecting Foxboro DCS workstations and servers. If an authenticated user opens a malicious project file, the flaw could lead to loss of confidentiality and integrity, and potentially to remote code execution.
IFF Assessment
The identified vulnerability allows for potential remote code execution, which is a significant threat to system security and operational integrity.
Severity
Defender Context
This vulnerability in critical infrastructure software requires immediate attention from defenders managing Schneider Electric EcoStruxure Foxboro DCS. Organizations should prioritize applying the vendor fix (version CS 8.1) to prevent potential remote code execution and data compromise.