HTTP: Rockwell Automation ISaGRAF Workbench 7-ZIP Directory Traversal
This signature detects attempts to exploit a known vulnerability against Rockwell Automation ISaGRAF Workbench. A successful attack can lead to directory traversal and arbitrary code execution.
Extended Description
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful.
Affected Products
Rockwellautomation isagraf_workbench
References
CVE: CVE-2022-2463
Short Name
HTTP:DIR:RCKWL-ISAGRAF-7ZIP-TRV
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
7-ZIP Automation CVE-2022-2463 Directory ISaGRAF Rockwell Traversal Workbench
Release Date
08/23/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3650
False Positive
Unknown
Vendors
Rockwellautomation