9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.1%
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’), Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node.
CPE | Name | Operator | Version |
---|---|---|---|
abb:rmc-100_firmware | abb rmc-100 firmware | lt | 2105457-037 |
[
{
"product": "RMC-100 (Standard)",
"vendor": "ABB",
"versions": [
{
"lessThan": "2105457-037",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "RMC-100-LITE",
"vendor": "ABB",
"versions": [
{
"lessThan": "2106229-011",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "XIO",
"vendor": "ABB",
"versions": [
{
"lessThan": "2106198-008",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "XFCG5 ",
"vendor": "ABB",
"versions": [
{
"lessThan": "2105805-016",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "XRCG5 ",
"vendor": "ABB",
"versions": [
{
"lessThan": "2105864-016",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "uFLOG5 ",
"vendor": "ABB",
"versions": [
{
"lessThan": "2105298-024",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "UDC",
"vendor": "ABB",
"versions": [
{
"lessThan": "2106177-007",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]
More
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.1%