exploitDog

GHSA-pxg4-q469-ggv7

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. The driver does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. The driver does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Ссылки

EPSS

Процентиль: 13%

0.00044

Низкий

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2020-7523

CVSS3: 7.8

nvd

больше 5 лет назад

Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. The driver does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

BDU:2020-03998

CVSS3: 7.8

fstec

больше 5 лет назад

Уязвимость драйвера программируемых логических контроллеров Schneider Electric Modbus Serial Driver и Schneider Electric Modbus Driver Suite, связанная с небезопасным управлением привилегиями, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 13%

0.00044

Низкий

CVE ID

Дефекты

CWE-269