← voltar
CVE-2022-2333

Honeywell SoftMaster Uncontrolled Search Path Element

CVSS 8.8 HIGHEPSS 1.0%CWE-427
If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
Honeywell · SoftMaster

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-02https://www.security.honeywell.com/-/media/Security/Resources/PDF/Product-Warranty/Security_Notification_SN_2019-09-13-02_V4-pdf.pdf