Vulnerability CVE-2022-2006

Vulnerability CVE-2022-2006

Published: 2022-08-31

Description:

AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;

Type:

CWE-427

(Uncontrolled Search Path Element)

References:

https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01

Copyright 2024, cxsecurity.com