Security Advisory

CVE-2022-0902

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-21 15:34:49

Last updated 2024-09-17 02:00:38

Assigner ABB

State PUBLISHED

Description

Improper Limitation of a Pathname to a Restricted Directory (Path Traversal), Improper Neutralization of Special Elements used in a Command (Command Injection) vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node.

← Browse all CVEs View on cve.org ↗