{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1227", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "state": "PUBLISHED", "assignerShortName": "schneider", "dateReserved": "2026-01-20T12:38:23.080Z", "datePublished": "2026-02-11T13:45:51.675Z", "dateUpdated": "2026-02-11T14:08:24.750Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "EcoStruxure Building Operation Workstation", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "All 7.0.x versions prior to 7.0.3.2000 (CP1)"}]}, {"defaultStatus": "unaffected", "product": "EcoStruxure Building Operation Webstation", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "All 6.x versions prior to 6.0.4.14001 (CP10)"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized disclosure of local files, interaction within the EBO system, or denial of service conditions when a local user uploads a specially crafted TGML graphics file to the EBO server from Workstation."}], "value": "CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized disclosure of local files, interaction within the EBO system, or denial of service conditions when a local user uploads a specially crafted TGML graphics file to the EBO server from Workstation."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 7, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2026-02-11T13:45:51.675Z"}, "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-11T14:08:12.326386Z", "id": "CVE-2026-1227", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-11T14:08:24.750Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1227", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-11T14:08:12.326386Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-11T14:08:18.228Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Schneider Electric", "product": "EcoStruxure Building Operation Workstation", "versions": [{"status": "affected", "version": "All 7.0.x versions prior to 7.0.3.2000 (CP1)"}], "defaultStatus": "unaffected"}, {"vendor": "Schneider Electric", "product": "EcoStruxure Building Operation Webstation", "versions": [{"status": "affected", "version": "All 6.x versions prior to 6.0.4.14001 (CP10)"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized disclosure of local files, interaction within the EBO system, or denial of service conditions when a local user uploads a specially crafted TGML graphics file to the EBO server from Workstation.", "supportingMedia": [{"type": "text/html", "value": "CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized disclosure of local files, interaction within the EBO system, or denial of service conditions when a local user uploads a specially crafted TGML graphics file to the EBO server from Workstation.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2026-02-11T13:45:51.675Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1227", "state": "PUBLISHED", "dateUpdated": "2026-02-11T14:08:24.750Z", "dateReserved": "2026-01-20T12:38:23.080Z", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "datePublished": "2026-02-11T13:45:51.675Z", "assignerShortName": "schneider"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized disclosure of local files, interaction within the EBO system, or denial of service conditions when a local user uploads a specially crafted TGML graphics file to the EBO server from Workstation."}, {"lang": "es", "value": "CWE-611: Existe una vulnerabilidad de Restricci\u00f3n Inadecuada de Referencia a Entidad Externa XML que podr\u00eda causar la divulgaci\u00f3n no autorizada de archivos locales, la interacci\u00f3n dentro del sistema EBO o condiciones de denegaci\u00f3n de servicio cuando un usuario local carga un archivo gr\u00e1fico TGML especialmente dise\u00f1ado al servidor EBO desde Workstation."}], "id": "CVE-2026-1227", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cybersecurity@se.com", "type": "Secondary"}]}, "published": "2026-02-11T14:16:02.117", "references": [{"source": "cybersecurity@se.com", "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "cybersecurity@se.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,6.0.4.14001)"}}], "product": "ecostruxure_building_operation_webstation", "vendor": "schneider-electric"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,7.0.3.2000)"}}], "product": "ecostruxure_building_operation_workstation", "vendor": "schneider-electric"}], "analysis": {"en": {"generated_at": "2026-04-17T20:21:32.800050+00:00", "value": {"mitigation_remediation": ["Apply the vendor\u2019s patch or upgrade whenever an official fix becomes available", "Disable XML External Entity processing on the EBO server to prevent resolution of external entities", "Enforce strict validation and whitelisting of TGML files before they are accepted by the server"], "summary": {"action": "Apply Update", "impact": "Unauthorized Disclosure of Local Files and Denial of Service"}, "threat_synthesis": {"affected_systems": "Affected systems are Schneider Electric\u2019s EcoStruxure Building Operation Webstation and Workstation. No specific version information is supplied, so all currently deployed versions of these products that handle TGML uploads are potentially exposed.", "description_and_impact": "This vulnerability is an improper restriction of XML External Entity Reference (CWE-611). When a local user uploads a specially crafted TGML graphics file to the EcoStruxure Building Operation (EBO) server from a workstation, the server processes external XML entities without adequate restriction. This can lead to unauthorized disclosure of local server files, unintended interactions within the EBO system, or even a denial\u2011of\u2011service condition. The CVSS score of 7 indicates a high impact potential and moderate difficulty for exploitation based on the information provided.", "risk_and_exploitability": "The CVSS score of 7 reflects a significant impact if successfully exploited. The EPSS score of less than 1% suggests that, as of now, the likelihood of exploitation is low. Because the attack requires a local user to upload a malicious TGML file, the attack vector is limited to users with access to the workstation. The vulnerability is not listed in CISA\u2019s Known Exploited Vulnerabilities catalog, which further indicates a lower current threat presence."}}}}, "created": "2026-02-11T21:38:11.271885+00:00", "title": "XML External Entity Disclosure in EBO TGML Upload", "updated": "2026-04-17T20:30:15.809493+00:00", "vendors": ["schneider-electric", "schneider-electric$PRODUCT$ecostruxure_building_operation_webstation", "schneider-electric$PRODUCT$ecostruxure_building_operation_workstation"]}