Remote Code Execution Vulnerability in Honeywell Saia PG5 Controls Suite Due to CAB File Parsing Directory Traversal
CVE-2023-51603
8.8HIGH
What is CVE-2023-51603?
A vulnerability exists in the Honeywell Saia PG5 Controls Suite due to improper validation of user-supplied paths when parsing CAB files. As a result, attackers can exploit this flaw to execute arbitrary code, provided that the victim interacts with a malicious page or file. Successful exploitation can compromise the current user's environment, posing significant risks to affected installations.
Affected Version(s)
Saia PG5 Controls Suite PG5 v2.3.193