Skip to end of metadata
Go to start of metadata

A security vulnerability was recently discovered in all versions of StruxureOn Gateway prior to 1.2 (1.0.0 - 1.1.3).

This vulnerability leverages the DDF Catalog update feature under Device Support. It requires user authentication and network access, but could allow for remote code execution.

A fix for this vulnerability first became available in StruxureOn Gateway version 1.2. Download the latest version, now called EcoStruxure IT Gateway, here.

Read the security notification about this vulnerability here.

  • No labels