2 matches found
CVE-2022-31219 Drive Composer Link Following Local Privilege Escalation Vulnerability
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation o...
CVE-2022-31219
CVE-2022-31219 affects ABB Drive Composer and related tools (Drive Composer Entry/Pro, Automation Builder, Mint Workbench). The vulnerability arises from improper privilege management (CWE-269) allowing a low-privileged user to create and write to files anywhere on the file system as SYSTEM when ...