Vulnerabilities > Xylem > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-18 | CVE-2020-25176 | Path Traversal vulnerability in multiple products Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. | 9.8 |
| 2021-12-08 | CVE-2021-41063 | SQL Injection vulnerability in Xylem Aanderaa Geoview SQL injection vulnerability was discovered in Aanderaa GeoView Webservice prior to version 2.1.3 that could allow an unauthenticated attackers to execute arbitrary commands. | 9.8 |