Unrated severityNVD Advisory· Published Jun 15, 2022· Updated Sep 16, 2024
Drive Composer Link Following Local Privilege Escalation Vulnerability
CVE-2022-31216
Description
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
Affected products
5(expand)+ 2 more
- (no CPE)
- (no CPE)range: 2.0
- (no CPE)range: 2.0
- Range: 1.1.0
- Range: build
Patches
Vulnerability mechanics
References
1- search.abb.com/library/Download.aspxmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.