Lucene search

ABBVULNRICHMENT:CVE-2021-22281

HistoryFeb 02, 2024 - 7:24 a.m.

CVE-2021-22281 Zip Slip Vulnerability in B&R Automation Studio Project Import

2024-02-0207:24:29

CWE-23

ABB

github.com

cve-2021-22281

zip slip vulnerability

b&r automation studio

relative path traversal

b&r industrial automation

automation studio 4.0

automation studio 4.12

CVSS3

6.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

AI Score

6.9

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12.

References

www.br-automation.com/fileadmin/2021-11_ZipSlip_Vulnerability_in_Automation_Studio_Project_Import-b90d2f42.pdf

CVSS3

6.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

AI Score

6.9

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2021-22281