CVE-2022-0223

Name of the Vulnerable Software and Affected Versions EcoStruxure Power Commission versions prior to V2.22

Description The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability. This could allow a remote attacker to create or overwrite critical files used to execute code, such as programs or libraries, leading to unauthenticated code execution.

Recommendations For versions prior to V2.22, update to version V2.22 or later to resolve the issue. As a temporary workaround, consider restricting access to critical files and directories to minimize the risk of exploitation. Avoid using vulnerable functions or modules that may be affected by the 'Path Traversal' issue until the update is applied.