CVE-2022-2006
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AutomationDirect | C-more EA9 | EA9-T6CL < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-T6CL-R < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-T7CL < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-T7CL-R < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-T8CL < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-T10CL < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-T10WCL < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-T12CL < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-T15CL < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-RHMI < 6.73 | affected |
| AutomationDirect | C-more EA9 | EA9-PGMSW < 6.73 | affected |
Weaknesses
- CWE-427: CWE-427 Uncontrolled Search Path Element
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.