The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for executable files, which allows local users to modify the service or the configuration files, and consequently gain privileges or trigger incorrect protective-relay operation, via a Trojan horse executable file.
File data ot_500188.nasl
Vendor | Product | Version | CPE |
---|---|---|---|
schneider-electric | micom_s1_studio | - | cpe:2.3:a:schneider-electric:micom_s1_studio:-:*:*:*:*:*:*:* |