Our new Biannual ICS Risk & Vulnerability Report is the most up-to-date look at CVEs disclosed in OT devices.
Check it out!
CWE-73: EXTERNAL CONTROL OF FILE NAME OR PATH There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files. Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution, and acquire complete remote control over the machine. Read: “Claroty, Auvesy Coordinate Disclosure on Versiondog Vulnerabilities”