2 matches found
CVE-2022-31216 Drive Composer Link Following Local Privilege Escalation Vulnerability
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation o...
CVE-2022-31216
Summary: CVE-2022-31216 affects ABB Drive Composer and related ABB products. The vulnerability is due to improper privilege management (CWE-269) within the Drive Composer installer, enabling a low-privileged user to create and write a file anywhere on the file system as SYSTEM with arbitrary cont...