CVE-2018-1547

Name of the Vulnerable Software and Affected Versions IBM Robotic Process Automation with Automation Anywhere version 10.0

Description The issue is caused by improper output encoding in a CSV export, which could allow a remote attacker to execute arbitrary code on the system. An attacker could exploit this by persuading a victim to download the CSV export, open it in Microsoft Excel, and confirm two security questions, thereby allowing the attacker to run any command or program on the victim's machine.

Recommendations For IBM Robotic Process Automation with Automation Anywhere version 10.0, consider avoiding the use of the CSV export feature until a fix is available, and be cautious when opening CSV files in Microsoft Excel to minimize the risk of exploitation.