Sick: >> Sopas Engineering Tool Security Vulnerabilities
SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks.
CVSS Score
8.6
EPSS Score
0.001
Published
2021-12-17
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator and use path traversal to run an arbitrary executable located on the host system. When the user starts the emulator from SOPAS ET the corresponding executable will be started instead of the emulator
CVSS Score
8.6
EPSS Score
0.001
Published
2021-12-17
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-12-17