CVE-2022-2463

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03 Mitigation Patch Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:rockwellautomation:isagraf_workbench:*:*:*:*:*:*:*:*

Information

Published : 2022-08-25 11:15

Updated : 2022-08-26 20:27


NVD link : CVE-2022-2463

Mitre link : CVE-2022-2463


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

rockwellautomation

  • isagraf_workbench