CVE-2022-31217

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation o...

CVE-2022-31217 Drive Composer Link Following Local Privilege Escalation Vulnerability

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation o...

CVE-2022-31217 Drive Composer Link Following Local Privilege Escalation Vulnerability

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation o...

CVE-2022-31217

The CVE-2022-31217 entry concerns ABB Drive Composer and related products (Drive Composer, Automation Builder, Mint Workbench). Affected behavior is a local privilege escalation: a low-privileged user can create and write to any non-existing file on the filesystem as SYSTEM, via the Drive Compose...