๐ ABB Cylon Aspect 3.08.03 projectUpdateBSXFileProcess.php Remote Guest2Root
The ABB BMS/BAS controller is vulnerable to code execution and sudo misconfiguration flaws. An authenticated remote code execution vulnerability in the firmware update mechanism allows an attacker with valid credentials to escalate privileges and execute commands as root. The process involves...