CVE-2024-8306
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized

Publication date: 2024-09-11

Last updated on: 2024-09-18

Assigner: cpcert@se.com

Description
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries.
CVSS Scores
EPSS Scores
Version 3.1
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score : 5.9
Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): N/A
Scopes (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High
Affected Vendors & Products
Vendor Product Version
schneider-electric vijeo_designer_embedded_in_ecostruxure_machine_expert *
schneider-electric vijeo_designer 6.3
schneider-electric vijeo_designer *
Helpful Resources
Exploitability
CWE ID Description
NVD-CWE-noinfo
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
Meta Information
Date published:
2024-09-11
Date last modified:
2024-09-18
Date generated:
2025-01-23
NVD report: