How severe is CVE-2022-2791?

CVE-2022-2791 has a CVSS v3 score of 5.9 (MEDIUM).

CVE-2022-2791

Name: proficy
Author: emerson

5.9MEDIUM

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder t

发布于: 11/22/2022更新于: 11/21/2024

描述

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC.

AI分析AI驱动

受影响产品

emersonproficy

参考资料

https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06
Third Party AdvisoryUS Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06
Third Party AdvisoryUS Government Resource