CVE-2022-22731

Name of the Vulnerable Software and Affected Versions EcoStruxure Power Commission versions prior to V2.22

Description The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability. This could allow a remote attacker to create or overwrite critical files used to execute code, such as programs or libraries, potentially leading to the execution of arbitrary code.

Recommendations For versions prior to V2.22, update to version V2.22 or later to resolve the issue. As a temporary workaround, consider restricting access to critical files and directories to minimize the risk of exploitation.