← volver
CVE-2023-6132

AVEVA Edge products Uncontrolled Search Path Element

CVSS 7.3 HIGHEPSS 0.2%CWE-427
The vulnerability, if exploited, could allow a malicious entity with access to the file system to achieve arbitrary code execution and privilege escalation by tricking AVEVA Edge to load an unsafe DLL.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Productos afectados
AVEVA · AVEVA Edge

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.aveva.com/en/support-and-success/cyber-security-updates/https://www.cisa.gov/news-events/ics-advisories/icsa-24-032-03