CVE-2020-12042

EPSS 0.5%CWE-347

Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized. As a result, an attacker with user privileges can gain arbitrary file write access with system access.

Produtos afetados

n/a · Opto 22 SoftPAC Project

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.us-cert.gov/ics/advisories/icsa-20-135-01