Remote Code Execution Vulnerability in Honeywell Saia PG5 Controls Suite
CVE-2023-51599
8.8HIGH
What is CVE-2023-51599?
A vulnerability exists in the Honeywell Saia PG5 Controls Suite that allows remote code execution through directory traversal. This specific flaw arises from improper validation of user-supplied paths during ZIP file parsing. An attacker can exploit this weakness by enticing a user to visit a malicious webpage or open a compromised file. If successful, the attacker is granted the ability to execute arbitrary code in the context of the current user, potentially compromising the affected system's integrity.
Affected Version(s)
Saia PG5 Controls Suite PG5 v2.3.193