Path Traversal Vulnerability Leads to System Paralysis or Remote Control
CVE-2024-10313

8HIGH

Key Information:

Vendor: Ininet Solutions
Status: Spidercontrol Scada Pc Hmi Editor
Vendor: CVE Published:; 24 October 2024

🔔 Create Ininet Solutions Vulnerability Alert

What is CVE-2024-10313?

The iniNet Solutions SpiderControl SCADA PC HMI Editor is susceptible to a path traversal vulnerability that occurs when the software processes a specially crafted ‘ems' project template file. This vulnerability allows an attacker to manipulate file paths, enabling the application to write files to arbitrary directories. This behavior can result in the overwriting of critical system files, potentially leading to system paralysis, or modification of startup items, which may facilitate unauthorized remote control of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SpiderControl SCADA PC HMI Editor 8.10.00.00

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-2...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 24, 2024
Vulnerability Reserved
Oct 23, 2024

Credit

elcazator from ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity, Inc. reported this vulnerability to CISA.

JSON

Ininet Solutions

What is CVE-2024-10313?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.