A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

Уязвимость SCADA-системы SIMATIC WinCC, связанная с неправильным присвоением разрешений для критичного ресурса, позволяющая нарушителю выполнить произвольный код или повысить свои привилегии