CVE-2023-1516: Incorrect Permission Assignment for Critical Resource

March 28, 2023 (updated November 7, 2023)

RoboDK versions 5.5.3 and prior contain an insecure permission assignment to critical directories vulnerability, which could allow a local user to escalate privileges and write files to the RoboDK process and achieve code execution.

References

nvd.nist.gov/vuln/detail/CVE-2023-1516
robodk.com/contact
www.cisa.gov/news-events/ics-advisories/icsa-23-082-01

Code Behaviors & Features

Detect and mitigate CVE-2023-1516 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →