CVE-2026-6499
Deferred
Deferred - Pending Action
Incorrect Permission Assignment for Critical Resource in OpenConcerto
Publication date: 2026-05-04
Last updated on: 2026-05-04
Assigner: TCS-CERT
Description
Description
Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries.
This issue affects OpenConcerto: 1.7.5.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ilm_informatique | openconcerto | 1.7.5 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Incorrect Permission Assignment for a Critical Resource in ILM Informatique OpenConcerto version 1.7.5. It allows an attacker with limited privileges to replace binaries within the application.
How can this vulnerability impact me? :
The vulnerability could allow an attacker with low-level permissions to replace critical binaries, potentially leading to unauthorized code execution or modification of the application behavior.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70