HIGH🇵🇱 Wersja polska

CVE-2020-7527

CVSS 7.8v3.1pub. 2020-08-31upd. 2024-11-21

Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) and prior which could cause elevation of privilege and provide full access control to local system users to SoMove component and services when a SoMove installer script is launched.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Schneider Electric Somove

    APP
    Schneider-Electric
    ≤ 2.8.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-7239HIGH7.8ten sam produkt

A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software compo...

CVE-2014-9200HIGH7.5ten sam produkt

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pr...

CVE-2013-0662HIGH9.3ten sam produkt

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through...

CVE-2018-7841CRITICAL9.8⚠ KEVten sam vendor

A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unw...

CVE-2024-10575CRITICAL10.0PL ✓ten sam vendor

Brak autoryzacji w Schneider Electric EcoStruxure IT Gateway (CVSS 10.0)