PT-2017-12668 · Myscada · Mypro
Publicado
2017-10-06
·
Atualizado
2019-10-09
·
CVE-2017-12730
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
mySCADA myPRO versions 7.0.26 and prior
Description
An issue was discovered where application services utilize unquoted search path elements. This could allow an attacker to execute arbitrary code with elevated privileges.
Recommendations
For versions 7.0.26 and prior, update to a version that fixes this issue to prevent the execution of arbitrary code with elevated privileges.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mypro