PT-2023-29458 · Siemens · Sicam Pas/Pqs
Published
2023-10-10
·
Updated
2024-06-11
·
CVE-2023-45205
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SICAM PAS/PQS versions 8.00 through 8.20
Description
A security issue has been identified where the application is installed with specific files and folders that have insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to
NT AUTHORITY/SYSTEM.Recommendations
For SICAM PAS/PQS versions 8.00 through 8.20, update the permissions of the installed files and folders to prevent arbitrary code injection and privilege escalation.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sicam Pas/Pqs