In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code execution.
References
Link | Resource |
---|---|
https://rapidscada.org/contact/ | Product |
https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-03 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2024-02-01T23:10:58.968Z
Updated: 2024-02-01T23:10:58.968Z
Reserved: 2024-01-05T21:39:05.402Z
Link: CVE-2024-21852
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-02-01T23:15:10.730
Modified: 2024-02-07T17:15:05.653
Link: CVE-2024-21852
JSON object: View
Redhat Information
No data.
CWE