iniNet SpiderControl PLC Editor Simatic 6.30.04 Local Privilege Escalation

Type nessus
Reporter This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-07-22T00:00:00


According to its self-reported version, the iniNet SpiderControl PLC Editor Simatic application running on the remote host is version 6.30.04. It is, therefore, affected by a flaw due to setting insecure permissions on the installation directory and files. A local attacker can exploit this to replace files, resulting in an escalation of privileges.

                                            Binary data scada_ininet_spidercontrol_plc_editor_simatic_6_30_04.nbin