VYPR
Unrated severityNVD Advisory· Published Aug 25, 2022· Updated Apr 16, 2025

ISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-22

CVE-2022-2463

Description

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.