CVE-2022-45792

HIGH

Omron SYSMAC Studio < 1.54.0 - Path Traversal and Arbitrary File Write via Project File

Title source: llm

Description

Project files may contain malicious contents which the software will use to create files on the filesystem. This allows directory traversal and overwriting files with the privileges of the logged-in user.

References (1)

Core 1

Core References

Third Party Advisory

https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/

Scores

CVSS v3 7.8

EPSS 0.0033

EPSS Percentile 24.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-22

Status published

Products (1)

omron/sysmac_studio < 1.54.0

Published Jan 22, 2024

Tracked Since Feb 18, 2026