PT-2018-16890 · Rapid Scada · Rapid Scada

Filipe Xavier Oliveira · Published 2018-03-08 · Updated 2020-08-24 · CVE-2018-5313

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Rapid Scada version 5.5.0

Description

A local attacker can escalate privileges due to weak access control restrictions set during the installation of the product. The vulnerability exists within the access control and allows an attacker to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM.

Recommendations

For Rapid Scada version 5.5.0, consider restricting access to the C:\SCADA directory to prevent exploitation until a patch is available. As a temporary workaround, review and modify the access control settings to enforce stronger permissions, limiting the ability of attackers to leverage this flaw for privilege escalation.

Fix

Incorrect Permission

Weakness Enumeration

Related Identifiers

CVE-2018-5313

Affected Products

Rapid Scada