The security descriptor of Measuresoft ScadaPro Server...
High severity
Unreviewed
Published
Sep 25, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Sep 23, 2022
Published to the GitHub Advisory Database
Sep 25, 2022
Last updated
Jan 27, 2023
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges.
References