Schneider Electric Zelio Soft2 remote code execution vulnerability


Schneider Electric Zelio Soft is a logic controller programming software of Schneider Electric.

Schneider Electric Zelio Soft2 has a remote code execution vulnerability that can be exploited by attackers to execute arbitrary code remotely, perform unauthorized operations, cause denial of service conditions, and retrieve sensitive information.


At present, the manufacturer has issued an update patch to fix the vulnerability, and the patch gets the link: