Back to search
CVE-2017-7968
Published: May 19, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a new directory and two files, which are placed in the system's path and can be manipulated by non-administrators. This could allow an authenticated user to escalate his or her privileges.
| Vendor | Product | Versions |
|---|---|---|
n/a | Schneider Electric Wonderware InduSoft Web Studio | affected Schneider Electric Wonderware InduSoft Web Studio |
Weaknesses (CWE)
References
https://ics-cert.us-cert.gov/advisories/ICSA-17-138-02
x_refsource_MISC
98544
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now