CVE-2022-26057

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 91.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
ABB Mint Workbench
Timeline
PublishedJun 15
Latest updateJun 16

Description

Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Mint WorkBench installer file allows a low-privileged user to run a "repair" operation on the product

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5abb/mint_workbenchbuild5866

🔴Vulnerability Details

2
GHSA
GHSA-654p-jgh5-45f8: Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitra2022-06-16
CVEList
Mint WorkBench Link Following Local Privilege Escalation Vulnerability2022-06-15
CVE-2022-26057 (HIGH CVSS 7.8) | Vulnerabilities in the Mint WorkBen | cvebase.io