2 matches found
CVE-2022-31218 Drive Composer Link Following Local Privilege Escalation Vulnerability
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation o...
CVE-2022-31218
CVE-2022-31218 details (connected docs) show an ABB Drive Composer‑related local privilege escalation. The vulnerability stems from improper privilege management in the Drive Composer installer, enabling a low‑privileged user to create and write a file anywhere on the file system as SYSTEM with a...