CVE-2024-8306
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
Publication date: 2024-09-11
Last updated on: 2024-09-18
Assigner: cpcert@se.com
Description
Description
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access, loss of confidentiality, integrity and availability of the workstation when non-admin
authenticated user tries to perform privilege escalation by tampering with the binaries.
CVSS Scores
EPSS Scores
Base Score: | 7.8 |
Base Severity: | HIGH |
Exploitability Score: | 1.8 |
Impact Score : | 5.9 |
Attack Vector (AV): | Local |
Attack Complexity (AC): | Low |
Privileges Required (PR): | Low |
User Interaction (UI): | N/A |
Scopes (S): | Unchanged |
Confidentiality (C): | High |
Integrity (I): | High |
Availability (A): | High |
Affected Vendors & Products
Vendor | Product | Version |
---|---|---|
schneider-electric | vijeo_designer_embedded_in_ecostruxure_machine_expert | * |
schneider-electric | vijeo_designer | 6.3 |
schneider-electric | vijeo_designer | * |
Helpful Resources
Exploitability
CWE ID | Description |
---|---|
NVD-CWE-noinfo |
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
Meta Information
Date published:
2024-09-11
Date last modified:
2024-09-18
Date generated:
2025-01-23
NVD report: