HIGH🇬🇧 English

CVE-2024-8306

CVSS 7.8v3.1pub. 2024-09-11upd. 2024-09-18

CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Schneider Electric Vijeo Designer

    APP
    Schneider-Electric
    6.3< 6.3
  • Schneider Electric Vijeo Designer Embedded In Ecostruxure Machine Expert

    APP
    Schneider-Electric
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
LPE
CWE
Referencje

Powiązane podatności

CVE-2021-22704CRITICAL9.1ten sam produkt

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Prod...

CVE-2021-22817HIGH7.8ten sam produkt

A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base...

CVE-2021-22705HIGH7.8ten sam produkt

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause ...

CVE-2020-7501HIGH8.8ten sam produkt

A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prio...

CVE-2020-7490HIGH7.8ten sam produkt

A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and V...

CVE-2024-8306 — HIGH 7.8 | CVEbaza.pl