PT-2023-29458 · Siemens · Sicam Pas/Pqs

Publicado

2023-10-10

Atualizado

2024-06-11

CVE-2023-45205

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SICAM PAS/PQS versions 8.00 through 8.20

Description A security issue has been identified where the application is installed with specific files and folders that have insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to NT AUTHORITY/SYSTEM.

Recommendations For SICAM PAS/PQS versions 8.00 through 8.20, update the permissions of the installed files and folders to prevent arbitrary code injection and privilege escalation.

Correção

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

CVE-2023-45205

Produtos afetados

Sicam Pas/Pqs

PT-2023-29458 · Siemens · Sicam Pas/Pqs

CVE-2023-45205

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4