CVE-2021-32498

Summary

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator and use path traversal to run an arbitrary executable located on the host system. When the user starts the emulator from SOPAS ET the corresponding executable will be started instead of the emulator

Affected Software

VendorProductVersion RangeStatus
n/aSICK SOPAS ETall versions before 4.8.0affected

Weaknesses

  • Improper Limitation of a Pathname to a Restricted Directory

ADP Enrichment

CVE Program Container

Additional References

References