Lucene search

IcscertCVELIST:CVE-2021-27445

HistoryDec 21, 2021 - 5:54 p.m.

CVE-2021-27445 Mesa Labs AmegaView Improper Privilege Management

2021-12-2117:54:59

CWE-269

icscert

www.cve.org

cve-2021-27445

mesa labs amegaview

privilege management

insecure file permissions

escalate privileges

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

Percentile

10.4%

JSON

Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.

CNA Affected

[
  {
    "product": "AmegaView",
    "vendor": "Mesa Labs",
    "versions": [
      {
        "lessThanOrEqual": "3.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

us-cert.cisa.gov/ics/advisories/icsa-21-147-03

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

Percentile

10.4%

JSON

Related for CVELIST:CVE-2021-27445