Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-qxq5-p7h4-x2vw

Опубликовано: 01 сент. 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.8

Описание

AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;

AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;

Ссылки

EPSS

Процентиль: 41%
0.00195
Низкий

7.8 High

CVSS3

CVE ID

CVE-2022-2006

Дефекты

CWE-427

Связанные уязвимости

nvd логотип

CVE-2022-2006

CVSS3: 7.8
nvd
больше 3 лет назад

AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;

fstec логотип

BDU:2022-04303

CVSS3: 7.8
fstec
больше 3 лет назад

Уязвимость библиотеки DLL микропрограммного обеспечения сенсорных панелей AutomationDirect C-More серии EA9 HMI, позволяющая нарушителю выполнить произвольный код в процессе установки

EPSS

Процентиль: 41%
0.00195
Низкий

7.8 High

CVSS3

CVE ID

CVE-2022-2006

Дефекты

CWE-427