PT-2022-3626 · Unknown · OPC UA Modicon Communication Module +1
Published: 2022-07-12 · Updated: 2022-07-21
CVE-2022-34765
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
X80 advanced RTU Communication Module versions 2.01 and later
OPC UA Modicon Communication Module versions 1.10 and prior
Description
A vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. This issue is related to external control of file name or path and could allow a remote attacker to cause a denial of service.
Recommendations
For X80 advanced RTU Communication Module versions 2.01 and later, consider restricting access to the file path to prevent unauthorized firmware image loading until a patch is available.
For OPC UA Modicon Communication Module versions 1.10 and prior, consider disabling the functionality that allows user-controlled data to be written to the file path to minimize the risk of exploitation.
As a temporary workaround, consider implementing additional security measures to monitor and control remote access to the affected modules.
Fix
Exposure of Resource to Wrong Sphere
Related Identifiers
Affected Products
OPC UA Modicon Communication Module
X80 advanced RTU Communication Module