Vulnerabilities > CVE-2022-47911 - Unspecified vulnerability in Sewio Real-Time Location System Studio

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

sewio

NVD

Published: 2023-01-18

Updated: 2024-11-21

Summary

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.

Vulnerable Configurations

Part	Description	Count
Application	Sewio Sewio Real Time Location System Studio *	1

References

https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01
https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01