Описание
A CWE-269 Improper Privilege Management vulnerability exists in EcoStruxureª Operator Terminal Expert runtime (Vijeo XD) that could cause privilege escalation on the workstation when interacting directly with a driver installed by the runtime software of EcoStruxureª Operator Terminal Expert.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.1 (исключая)
Одно из
cpe:2.3:a:schneider-electric:operator_terminal_expert_runtime:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:operator_terminal_expert_runtime:3.1:-:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:operator_terminal_expert_runtime:3.1:service_pack_1a:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00038
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-269
Связанные уязвимости
github
больше 3 лет назад
A CWE-269 Improper Privilege Management vulnerability exists in EcoStruxureª Operator Terminal Expert runtime (Vijeo XD) that could cause privilege escalation on the workstation when interacting directly with a driver installed by the runtime software of EcoStruxureª Operator Terminal Expert.
EPSS
Процентиль: 11%
0.00038
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-269