4 matches found
High-Severity Flaw Reported in Critical System Used by Oil and Gas Companies
Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil and gas organizations that could be exploited by an attacker to inject and execute arbitrary code. The high-severity issue, tracked as CVE-2022-0902 CVSS score: 8.1, is a path-traversal vulnerabili...
CVE-2022-0902
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in flow computer and remote controller products of ABB RMC-100 Standard, RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC...
CVE-2022-0902
CVE-2022-0902 affects ABB Totalflow flow computers and remote controllers (RMC-100 Standard/LITE, XIO, XFCG5, XRCG5, uFLOG5, UDC). The issue combines path traversal and command-injection vulnerabilities in the proprietary Totalflow TCP protocol, allowing a remote attacker to insert and run arbitr...
CVE-2022-0902 ABB Flow Computer and Remote Controllers Path Traversal Vulnerability in Totalflow TCP protocol can lead to root access
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in flow computer and remote controller products of ABB RMC-100 Standard, RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC...