Описание
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.5.9.0 (включая) до 3.5.17.0 (исключая)Версия от 4.0.0.0 (включая) до 4.1.0.0 (исключая)
Одно из
cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:scripting:*:*:*:*:*:*:*:*
EPSS
Процентиль: 4%
0.00019
Низкий
7.3 High
CVSS3
Дефекты
CWE-668
Связанные уязвимости
CVSS3: 7.3
github
больше 2 лет назад
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.
EPSS
Процентиль: 4%
0.00019
Низкий
7.3 High
CVSS3
Дефекты
CWE-668