CVE-2021-32498
HIGH
8,6
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: changed
Confidentiality: high
Integrity: high
Availability: high
HIGH
9,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete
Description
AI Translation Available
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator and use path traversal to run an arbitrary executable located on the host system. When the user starts the emulator from SOPAS ET the corresponding executable will be started instead of the emulator
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0013
Percentile
0,3th
Updated
EPSS Score Trend (Last 90 Days)
22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
StableCommon Consequences
Security Scopes Affected:
Integrity
Confidentiality
Availability
Potential Impacts:
Execute Unauthorized Code Or Commands
Modify Files Or Directories
Read Files Or Directories
Dos: Crash, Exit, Or Restart
Applicable Platforms
Technologies:
AI/ML
Application
Sopas Engineering Tool by Sick
Version Range Affected
To
4.8.0
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:sick:sopas_engineering_tool:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://sick.com/psirt#advisories
https://sick.com/psirt#advisories