CVE-2022-31217

The CVE-2022-31217 entry concerns ABB Drive Composer and related products (Drive Composer, Automation Builder, Mint Workbench). Affected behavior is a local privilege escalation: a low-privileged user can create and write to any non-existing file on the filesystem as SYSTEM, via the Drive Compose...

CVE-2022-31219

CVE-2022-31219 affects ABB Drive Composer and related tools (Drive Composer Entry/Pro, Automation Builder, Mint Workbench). The vulnerability arises from improper privilege management (CWE-269) allowing a low-privileged user to create and write to files anywhere on the file system as SYSTEM when ...

CVE-2022-31216

Summary: CVE-2022-31216 affects ABB Drive Composer and related ABB products. The vulnerability is due to improper privilege management (CWE-269) within the Drive Composer installer, enabling a low-privileged user to create and write a file anywhere on the file system as SYSTEM with arbitrary cont...

CVE-2022-31218

CVE-2022-31218 details (connected docs) show an ABB Drive Composer‑related local privilege escalation. The vulnerability stems from improper privilege management in the Drive Composer installer, enabling a low‑privileged user to create and write a file anywhere on the file system as SYSTEM with a...

CVE-2022-26057

The CVE-2022-26057 issue affects ABB Mint Workbench (and related ABB products) under the Drive Composer/Automation Builder suite. The vulnerability arises from improper privilege management (CWE-269) that allows a low-privileged attacker to create and write a file anywhere on the file system as S...

CVE-2024-5402

CVE-2024-5402 affects ABB Mint Workbench I, specifically versions 5866 through 5868. The issue is an unquoted search path or element vulnerability that lets a local attacker escalate privileges by placing an executable in the path of the affected service. The root cause is the unquoted path handl...