Vulnerability Details CVE-2024-21852
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.6%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-21852
-
cpe:2.3:a:rapidscada:rapid_scada:5.5.0
-
cpe:2.3:a:rapidscada:rapid_scada:5.5.1
-
cpe:2.3:a:rapidscada:rapid_scada:5.5.2
-
cpe:2.3:a:rapidscada:rapid_scada:5.5.3
-
cpe:2.3:a:rapidscada:rapid_scada:5.6.0
-
cpe:2.3:a:rapidscada:rapid_scada:5.6.1
-
cpe:2.3:a:rapidscada:rapid_scada:5.7.0
-
cpe:2.3:a:rapidscada:rapid_scada:5.7.1
-
cpe:2.3:a:rapidscada:rapid_scada:5.8.0
-
cpe:2.3:a:rapidscada:rapid_scada:5.8.1
-
cpe:2.3:a:rapidscada:rapid_scada:5.8.3
-
cpe:2.3:a:rapidscada:rapid_scada:5.8.4