The NCCIC has published an advisory on a use after free vulnerability in Schneider Electric Zelio Soft 2. Versions 5.1 and prior are affected. Successful exploitation of this vulnerability could allow for remote code execution when opening a specially crafted project file. Schneider Electric has released Version 5.2 of the affected software and a security notification. The NCCIC also advises on a series of mitigating measures for this vulnerability. NCCIC/ICS-CERT.