Vulnerabilities > CVE-2022-31218 - Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

abb

NVD

Published: 2022-06-15

Updated: 2024-11-21

Summary

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.

Vulnerable Configurations

Part	Description	Count
Application	Abb ABB Mint Workbench - ABB Mint Workbench 5866 ABB Automation Builder 1.1.0 ABB Automation Builder 1.1.1 ABB Automation Builder 1.1.2 ABB Automation Builder 1.2.0 ABB Automation Builder 1.2.1 ABB Automation Builder 1.2.2 ABB Automation Builder 1.2.3 ABB Automation Builder 1.2.4 ABB Automation Builder 2.0.3 ABB Automation Builder 2.0.4 ABB Automation Builder 2.1.1 ABB Automation Builder 2.1.2 ABB Automation Builder 2.2.1 ABB Automation Builder 2.2.2 ABB Automation Builder 2.2.3 ABB Automation Builder 2.2.4 ABB Automation Builder 2.2.5 ABB Automation Builder 2.3.0 ABB Automation Builder 2.4.1 ABB Automation Builder 2.5.0 ABB Drive Composer 2.0 ABB Drive Composer 2.7	26

Summary

Vulnerable Configurations

References