6 matches found
CVE-2022-31217
The CVE-2022-31217 entry concerns ABB Drive Composer and related products (Drive Composer, Automation Builder, Mint Workbench). Affected behavior is a local privilege escalation: a low-privileged user can create and write to any non-existing file on the filesystem as SYSTEM, via the Drive Compose...
CVE-2022-31219
CVE-2022-31219 affects ABB Drive Composer and related tools (Drive Composer Entry/Pro, Automation Builder, Mint Workbench). The vulnerability arises from improper privilege management (CWE-269) allowing a low-privileged user to create and write to files anywhere on the file system as SYSTEM when ...
CVE-2022-31218
CVE-2022-31218 details (connected docs) show an ABB Drive Composer‑related local privilege escalation. The vulnerability stems from improper privilege management in the Drive Composer installer, enabling a low‑privileged user to create and write a file anywhere on the file system as SYSTEM with a...
CVE-2022-31216
Summary: CVE-2022-31216 affects ABB Drive Composer and related ABB products. The vulnerability is due to improper privilege management (CWE-269) within the Drive Composer installer, enabling a low-privileged user to create and write a file anywhere on the file system as SYSTEM with arbitrary cont...
CVE-2025-3394
The CVE-2025-3394 entry affects ABB’s Automation Builder up to version 2.8.0 . The issue is described as an Incorrect Permission Assignment for a Critical Resource in the user management component, enabling modification of project/user data and overruling of user management. The vulnerability is ...
CVE-2025-3395
ABB Automation Builder contains a vulnerability (CVE-2025-3395) due to incorrect permission assignment for a critical resource and cleartext storage of sensitive information in project files. Affected product: Automation Builder up to version 2.8.0. Impact noted in CISA ICS advisory as the abilit...