Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product.
CPE | Name | Operator | Version |
---|---|---|---|
automation_builder | ge | 1.1.0 | |
automation_builder | le | 2.5.0 | |
drive_composer | ge | 2.0 | |
drive_composer | lt | 2.7.1 | |
drive_composer | ge | 2.0 | |
drive_composer | lt | 2.7.1 | |
mint_workbench | le | 5866 |