Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2022/11/10 7:49 a.m.67 views

High-Severity Flaw Reported in Critical System Used by Oil and Gas Companies

Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil and gas organizations that could be exploited by an attacker to inject and execute arbitrary code. The high-severity issue, tracked as CVE-2022-0902 CVSS score: 8.1, is a path-traversal vulnerabili...

9.8CVSS2.2AI score0.16362EPSS
Exploits0
NVD
NVD
added 2022/07/21 4:15 p.m.10 views

CVE-2022-0902

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in flow computer and remote controller products of ABB RMC-100 Standard, RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC...

9.8CVSS0.16362EPSS
Exploits0References1
CVE
CVE
added 2022/07/21 3:34 p.m.72 views

CVE-2022-0902

CVE-2022-0902 affects ABB Totalflow flow computers and remote controllers (RMC-100 Standard/LITE, XIO, XFCG5, XRCG5, uFLOG5, UDC). The issue combines path traversal and command-injection vulnerabilities in the proprietary Totalflow TCP protocol, allowing a remote attacker to insert and run arbitr...

9.8CVSS9.1AI score0.16362EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/21 3:34 p.m.16 views

CVE-2022-0902 ABB Flow Computer and Remote Controllers Path Traversal Vulnerability in Totalflow TCP protocol can lead to root access

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in flow computer and remote controller products of ABB RMC-100 Standard, RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC...

8.1CVSS9.7AI score0.16362EPSS
Exploits0References1
Rows per page
Query Builder