Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-2786
alstom grid micom
s1 agile
weak permissions
local users
gain privileges
cve-2013-2786
nvd
6.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:S/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file.
Affected configurations
Node
alstommicom_s1_agileRange≤1.0.2
ORalstommicom_s1_studioMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| alstom:micom_s1_agile | alstom micom s1 agile | le | 1.0.2 |
| alstom:micom_s1_studio | alstom micom s1 studio | eq | - |
Related
ics
ics
Alstom Grid S1 Agile Improper Authorization
2013-07-03 12:00:00
nvd
nvd
CVE-2013-2786
2013-07-10 22:55:03
prion
prion
Design/Logic Flaw
2013-07-10 22:55:00
cvelist
cvelist
CVE-2013-2786
2022-10-03 16:15:00
6.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:S/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
Related for CVE-2013-2786