exploitDog

CVE-2022-45792

Опубликовано: 22 янв. 2024

Источник: nvd

CVSS3: 7.8

CVSS3: 7.8

EPSS Низкий

Описание

Project files may contain malicious contents which the software will use to create files on the filesystem. This allows directory traversal and overwriting files with the privileges of the logged-in user.

Ссылки

https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/
Third Party Advisory
https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:omron:sysmac_studio:*:*:*:*:*:*:*:*

Версия до 1.54.0 (исключая)

EPSS

Процентиль: 20%

0.00064

Низкий

7.8 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-22

CWE-22

Связанные уязвимости

GHSA-w49q-vj4v-4c9w

CVSS3: 7.8

github

около 2 лет назад

Project files may contain malicious contents which the software will use to create files on the filesystem. This allows directory traversal and overwriting files with the privileges of the logged-in user.

EPSS

Процентиль: 20%

0.00064

Низкий

7.8 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-22

CWE-22