mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-313-04 | Patch Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2021-11-09T00:00:00
Updated: 2021-11-19T18:16:13
Reserved: 2021-11-08T00:00:00
Link: CVE-2021-43555
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-19T19:15:09.217
Modified: 2022-07-25T10:53:45.970
Link: CVE-2021-43555
JSON object: View
Redhat Information
No data.