First published: Wed Oct 04 2023(Updated: )
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command.
Credit: cybersecurity@se.com cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Spacelogic C-bus Toolkit | <1.16.4 | |
<1.16.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-5399.
The severity of CVE-2023-5399 is critical with a severity value of 9.8.
The CWE ID for this vulnerability is CWE-22.
The Schneider-electric Spacelogic C-bus Toolkit version 1.16.4 is affected by CVE-2023-5399.
To fix CVE-2023-5399, it is recommended to update the Schneider-electric Spacelogic C-bus Toolkit to a version that is not affected by the vulnerability.