Description
RoboDK versions 5.5.3 and prior contain an insecure permission assignment to critical directories vulnerability, which could allow a local user to escalate privileges and write files to the RoboDK process and achieve code execution.
References
Product
https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-01
Third Party AdvisoryUS Government Resource
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2023-03-28T21:15:10.293
1 year agoLast modified
2023-11-07T04:04:01.627
8 months ago