← back
CVE-2014-2375

Ecava IntegraXor SCADA Server External Control of File Name or Path

CVSS 8.3 EPSS 2.3%CWE-73
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature.
AV:N/AC:M/Au:N/C:P/I:P/A:C
Affected products
Ecava · IntegraXor SCADA Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-14-224-01https://www.cisa.gov/news-events/ics-advisories/icsa-14-224-01