Delta Electronics Delta Robot Automation Studio (DRAS) versions prior to 1.13.20 are affected by improper restrictions where the software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. This may allow an attacker to view sensitive documents and information on the affected host.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-03 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2022-08-31T15:33:04.187584Z
Updated: 2024-09-16T20:27:14.723Z
Reserved: 2022-08-10T00:00:00
Link: CVE-2022-2759
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-08-31T16:15:11.450
Modified: 2022-09-02T21:53:44.030
Link: CVE-2022-2759
Redhat
No data.