A CWE-426: Untrusted Search Path vulnerability exists in ZigBee Installation Kit (Versions prior to 1.0.1), which could cause execution of malicious code when a malicious file is put in the search path.
Published March 24, 2020.
Schneider-electric Ulti Zigbee Installation Toolkit