CVE-2021-43555

HIGH Year: 2021
CVSS v3 Score
7.8
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-23
View all →

Vulnerability Description

mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.

Related Vulnerabilities

CVE-2021-29100

HIGH
CVSS:7.8(High)

A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vu...

CWE-232021

CVE-2022-23531

HIGH
CVSS:7.8(High)

GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog aga...

CWE-232022

CVE-2022-42470

HIGH
CVSS:7.8(High)

A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via...

CWE-232022

CVE-2023-23379

HIGH
CVSS:7.8(High)

Microsoft Defender for IoT Elevation of Privilege Vulnerability

CWE-232023

CVE-2023-34394

HIGH
CVSS:7.8(High)

In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, ...

CWE-232023