Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2023-01-18T00:37:49.835Z
Updated:
Reserved: 2022-12-21T18:52:32.342Z
Link: CVE-2022-43483
JSON object: View
NVD Information
Status : Modified
Published: 2023-01-18T01:15:12.477
Modified: 2023-11-07T03:53:50.353
Link: CVE-2022-43483
JSON object: View
Redhat Information
No data.
CWE