← Back

Isagraf

isagraf

Vendor: Rockwellautomation • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-1018
1Rockwellautomation
3Connected Components Workbench
IsagrafSafety Instrumented Systems Workstation
Nov 21, 2024
Apr 1, 2022
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this t...Show more
When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality.Show less