CVE-2023-32615

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Sep 5, 2023

Updated: Sep 8, 2023

CWE ID 610

CWE ID 73

Summary

CVE-2023-32615 is a file write vulnerability identified in the OAS Engine configuration functionality of Open Automation Software OAS Platform version 18.00.0072. Maliciously crafted network requests can exploit this vulnerability, resulting in arbitrary file creation or overwrite. An attacker can leverage this issue to potentially gain unauthorized access or execute malicious code, posing a significant risk to affected systems. It is essential to apply the necessary patches or upgrades to mitigate this vulnerability promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Open Automation Software

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/skgSPx
https://www.cve.org/CVERecord?id=CVE-2023-32615
https://nvd.nist.gov/vuln/detail/CVE-2023-32615

Back to Vulnerability Database

CVE-2023-32615

CVSS 3.1 Score 8.1 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations