Deserialization in Schneider Electric Ecostruxure™ Foxboro Dcs

CVE-2026-1286

CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file.

Vulnerability class: Insecure Deserialization

EPSS: 0.006 (69.9th percentile) — read the EPSS interpretation.