CVE-2020-12042

EPSS 0.5%CWE-347

Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized. As a result, an attacker with user privileges can gain arbitrary file write access with system access.

Productos afectados

n/a · Opto 22 SoftPAC Project

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.us-cert.gov/ics/advisories/icsa-20-135-01