CVE-2022-2464
ISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-22
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.7EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
25 ago 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful.
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Productos afectados
Rockwell Automation · ISaGRAF Workbench¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →