Primary

Context

GE Vernova WorkstationST Path Traversal Vulnerability in EGD Configuration Server on Windows

Vulnerability

Patched

A path traversal vulnerability has been identified in GE Vernova WorkstationST versions through 07.10.10C, specifically within the EGD Configuration Server modules on Windows. This vulnerability allows for improper limitation of a pathname, enabling unauthorized users to traverse directories and potentially access restricted files.

Impact

Exploitation of this vulnerability could lead to arbitrary file overwriting on the EGD Configuration Server, as the path traversal flaw allows for unauthorized manipulation of file paths during uploads.

Remediation

The path traversal vulnerability has been addressed in GE Vernova WorkstationST versions 07.10.11C, 07.09.33C, and in the latest release version 08.00. Customers should update to one of these versions.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GE Vernova WorkstationST Path Traversal Vulnerability in EGD Configuration Server on Windows

Vulnerability

Impact

Remediation

Affected Products

GE Vernova WorkstationST

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating