CVE-2021-22281 MEDIUM

CVE-2021-22281: Zip Slip Vulnerability in B&R Automation Studio Project Import

Vendor B&R Industrial Automation
Product Automation Studio
Weakness CWE-23
Published February 2, 2024
Last update August 21, 2024

CVSS base score

6.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

What the vulnerability does

01Description

: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12.

Key dates

02Disclosure timeline

February 2, 2024 CVE published
August 21, 2024 Record updated