Design/Logic Flaw

2023-12-0515:15:00

PRIOn knowledge base

www.prio-n.com

remote attacker

vulnerability

command injection

file system

full control

7.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.0%

JSON

A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.

CPENameOperatorVersion
control_for_beaglebone_sllt4.11.0.0
control_for_empc-a\\/imx6lt4.11.0.0
control_for_iot2000_sllt4.11.0.0
control_for_linux_arm_sllt4.11.0.0
control_for_linux_sllt4.11.0.0
control_for_pfc100_sllt4.11.0.0
control_for_pfc200_sllt4.11.0.0
control_for_plcnext_sllt4.11.0.0
control_for_raspberry_pi_sllt4.11.0.0
control_for_wago_touch_panels_600_sllt4.11.0.0

Name	Operator	Version
control_for_beaglebone_sl	lt	4.11.0.0
control_for_empc-a\\/imx6	lt	4.11.0.0
control_for_iot2000_sl	lt	4.11.0.0
control_for_linux_arm_sl	lt	4.11.0.0
control_for_linux_sl	lt	4.11.0.0
control_for_pfc100_sl	lt	4.11.0.0
control_for_pfc200_sl	lt	4.11.0.0
control_for_plcnext_sl	lt	4.11.0.0
control_for_raspberry_pi_sl	lt	4.11.0.0
control_for_wago_touch_panels_600_sl	lt	4.11.0.0

Rows per page:

1-10 of 111

References

cert.vde.com/en/advisories/VDE-2023-066