Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. The driver does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
oryginał ENCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:HSchneider Electric Modbus Driver Suite
APPSchneider-Electric< 14.15.0.0Schneider Electric Modbus Serial Driver
APPSchneider-Electric< 2.20_ie_30< 3.20_ie_30
Powiązane podatności
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through...
An Externally Controlled Reference to a Resource (CWE-610) vulnerability exists in Schneider Electric Modbus S...
A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unw...
Brak autoryzacji w Schneider Electric EcoStruxure IT Gateway (CVSS 10.0)
Ujawnienie poświadczeń w urządzeniu Schneider Electric WHC-5918A