Schneider-electric - Wonderware Indusoft Web Studio CVE

Filtered by vendor Schneider-electric Subscribe

Filtered by product Wonderware Indusoft Web Studio

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-7968	1 Schneider-electric	1 Wonderware Indusoft Web Studio	2019-10-09	7.2 HIGH	7.8 HIGH
An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a new directory and two files, which are placed in the system's path and can be manipulated by non-administrators. This could allow an authenticated user to escalate his or her privileges.

Vulnerabilities (CVE)