PT-2014-3821 · Schneider Electric · Schneider Electric Floating License Manager
Published
2014-02-28
·
Updated
2026-05-28
·
CVE-2014-0759
CVSS v3.1
5.9
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Schneider Electric Floating License Manager versions 1.0.0 through 1.4.0
Description
The issue allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. This is due to an unquoted Windows search path vulnerability.
Recommendations
For Schneider Electric Floating License Manager versions 1.0.0 through 1.4.0, consider updating to a version that fixes this issue, as no specific mitigation measures are provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Schneider Electric Floating License Manager