PT-2019-9700 · Abb · Abb Cp400 Panel Builder+1

Ivan Sanchez

Publicado

2019-02-13

Atualizado

2019-10-09

CVE-2018-19008

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ABB CP400 Panel Builder versions 2.0.7.05 and earlier

Description The issue concerns a vulnerability in the file parser of the TextEditor 2.0, where the application fails to properly prevent the insertion of specially crafted files. This could potentially allow arbitrary code execution.

Recommendations For ABB CP400 Panel Builder versions 2.0.7.05 and earlier, consider disabling the TextEditor 2.0 until a patch is available to prevent the insertion of specially crafted files.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2018-19008

Produtos afetados

Abb Cp400 Panel Builder

Ktexteditor

PT-2019-9700 · Abb · Abb Cp400 Panel Builder+1

CVE-2018-19008

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4