{"uuid": "5cfce516-7cca-4075-8362-9295068863a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41671", "type": "seen", "source": "https://t.me/cibsecurity/52565", "content": "\u203c CVE-2022-41671 \u203c\n\nA CWE-89: Improper Neutralization of Special Elements used in SQL Command (\u00e2\u20ac\u02dcSQL Injection\u00e2\u20ac\u2122) vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-04T17:46:05.000000Z"}