CVE-2022-34762
5.9
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric | OPC UA Modicon Communication Module | BMENUA0100 < V1.10 | affected |
| Schneider Electric | X80 advanced RTU Communication Module | V2.01 < BMENOR2200H* | affected |
Weaknesses
- CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.