exploitDog

CVE-2017-12730

Опубликовано: 06 окт. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path elements, which could allow an attacker to execute arbitrary code with elevated privileges.

Ссылки

http://www.securityfocus.com/bid/100815
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-255-01
Mitigation
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/100815
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-255-01
Mitigation
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:myscada:mypro:*:*:*:*:*:*:*:*

Версия до 7.0.26 (включая)

EPSS

Процентиль: 29%

0.00106

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-428

CWE-428

Связанные уязвимости

GHSA-m2x6-rrgv-9p5h

CVSS3: 7.8

github

больше 3 лет назад

An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path elements, which could allow an attacker to execute arbitrary code with elevated privileges.

EPSS

Процентиль: 29%

0.00106

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-428

CWE-428