CVE-2021-22697

Summary

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.

Affected Software

VendorProductVersion RangeStatus
n/aEcoStruxure Power Build - Rapsody software V2.1.13 and prior.EcoStruxure Power Build - Rapsody software V2.1.13 and prior.affected

Weaknesses

  • CWE-434: CWE-434: Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

References