CNNVD-202602-1942 Information

CNNVD ID

CNNVD-202602-1942

Related CVE

CVE-2026-1226

• CNNVD Published: 2026-02-11

Description (Chinese)

Schneider Electric EcoStruxure Building Operation Workstation是法国施耐德电气（Schneider Electric）公司的一个专业操作终端组件。 Schneider Electric EcoStruxure Building Operation Workstation存在代码注入漏洞，该漏洞源于代码生成控制不当，可能导致处理恶意TGML图形文件时在应用程序内执行不可信或非预期的代码。

Description (English)

Schneider Electric EcoStruxure Building Operation Works is a professional operating terminal component of Schneider Electric, France. There is a code-infusion loophole in Schneider Electric EcoStruxure Building Operation, which stems from inadequate code-generation controls and may lead to untrustworthy or unexpected code implementation in the application when processing malicious TGML graphic files.

Vulnerability Type

代码注入

Affected Vendor

施耐德电气。

Published

2026-02-11

Last Modified

2026-02-24

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf https://access.redhat.com/security/cve/cve-2026-1226

Patch

https://www.se.com/ww/en/