PT-2026-2406 · Emerson · Emerson Pac Machine Edition

Luis Martinez

Publicado

2026-01-13

Atualizado

2026-01-14

CVE-2022-50930

CVSS v3.1

8.4

Alta

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Emerson PAC Machine Edition version 9.80

Description Emerson PAC Machine Edition 9.80 has an issue with an unquoted service path in the TrapiServer service. This could allow local users to potentially run code with higher privileges. An attacker can take advantage of the unquoted path in the service setup to inject malicious code that runs with LocalSystem permissions when the service starts.

Recommendations Ensure the service path for TrapiServer is properly quoted.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-428

Identificadores relacionados

CVE-2022-50930

Produtos afetados

Emerson Pac Machine Edition

PT-2026-2406 · Emerson · Emerson Pac Machine Edition

CVE-2022-50930

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6