Elcomplus LLC SmartICS Path Traversal Vulnerability

Elcomplus LLC SmartICS is a builder of top-level visualizations for industrial automation systems from Elcomplus LLC. A path traversal vulnerability exists in Elcomplus LLC SmartICS, which stems from inadequate validation of file names. An attacker could exploit this vulnerability to perform a pa...

Elcomplus LLC SmartICS Cross-Site Scripting Vulnerability

Elcomplus LLC SmartICS is a builder of top-level visualizations for industrial automation systems from Elcomplus LLC. A cross-site scripting vulnerability exists in Elcomplus LLC SmartICS. The vulnerability stems from a failure to neutralize user-controllable input and can be exploited by an...

Elcomplus LLC SmartICS Access Control Error Vulnerability

Elcomplus LLC SmartICS is a builder for top-level visualization of industrial automation systems from Elcomplus LLC. An access control error vulnerability exists in Elcomplus LLC SmartICS version 2.3.4.0. An authenticated attacker with administrator privileges can exploit this vulnerability to be...

Elcomplus SmartICS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Elcomplus LLC Equipment: SmartICS Vulnerabilities: Improper Access Control, Relative Path Traversal, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...