CVE-2024-10313
CVE-2024-10313
Título es
CVE-2024-10313
Jue, 24/10/2024 – 18:15
Tipo
CWE-22
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-10313
Descripción en
iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal
vulnerability. When the software loads a malicious ‘ems' project
template file constructed by an attacker, it can write files to
arbitrary directories. This can lead to overwriting system files,
causing system paralysis, or writing to startup items, resulting in
remote control.
vulnerability. When the software loads a malicious ‘ems' project
template file constructed by an attacker, it can write files to
arbitrary directories. This can lead to overwriting system files,
causing system paralysis, or writing to startup items, resulting in
remote control.
24/10/2024
24/10/2024
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Gravedad 4.0
8.60
Gravedad 4.0 txt
HIGH
Gravedad 3.1 (CVSS 3.1 Base Score)
8.00
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH
Enviar en el boletín
Off
