SDD files might contain an executable file that will be listed as the Emulators inside SOPAS ET. When a user starts the emulator, the executable is run without further checks. Attackers could wrap any executable file into an SDD and provide this to a SOPAS ET user. When installing the SDD the user may not be aware about the executable inside of the SDD.

Risk Information

  • CVE ID
  • CVE-2021-32497
  • Vendor
  • SICK
  • Product
  • SOPAS Engineering Tool
  • CVSS v3
  • 8.6