Insecure Permission Assignment Vulnerability in RoboDK Versions 5.5.3 and Prior

Insecure Permission Assignment Vulnerability in RoboDK Versions 5.5.3 and Prior

CVE-2023-1516 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

RoboDK versions 5.5.3 and prior contain an insecure permission assignment to critical directories vulnerability, which could allow a local user to escalate privileges and write files to the RoboDK process and achieve code execution.  

Learn more about our User Device Pen Test.