Lucene search

[email protected]NVD:CVE-2021-22817

HistoryFeb 09, 2022 - 11:15 p.m.

CVE-2021-22817

2022-02-0923:15:14

CWE-276

[email protected]

web.nvd.nist.gov

cve-2021-22817

cwe-276

unauthorized access

local privilege escalation

harmony/magelis ipc series

vijeo designer

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

14.1%

JSON

A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)

Affected configurations

Nvd

Node

schneider-electrichmibmuhi29d2801_firmware

AND

schneider-electrichmibmuhi29d2801Match-

Node

schneider-electrichmibmusi29d2801_firmware

AND

schneider-electrichmibmusi29d2801Match-

Node

schneider-electrichmibmuci29d2w01_firmware

AND

schneider-electrichmibmuci29d2w01Match-

Node

schneider-electrichmibmu0i29d2001_firmware

AND

schneider-electrichmibmu0i29d2001Match-

Node

schneider-electrichmibmu0i29d200a_firmware

AND

schneider-electrichmibmu0i29d200aMatch-

Node

schneider-electrichmibmuhi29d4801_firmware

AND

schneider-electrichmibmuhi29d4801Match-

Node

schneider-electrichmibmusi29d4801_firmware

AND

schneider-electrichmibmusi29d4801Match-

Node

schneider-electrichmibmuci29d4w01_firmware

AND

schneider-electrichmibmuci29d4w01Match-

Node

schneider-electrichmibmu0i29d4001_firmware

AND

schneider-electrichmibmu0i29d4001Match-

Node

schneider-electrichmibmu0i29d400a_firmware

AND

schneider-electrichmibmu0i29d400aMatch-

Node

schneider-electrichmibmu0i29di00a_firmware

AND

schneider-electrichmibmu0i29di00aMatch-

Node

schneider-electrichmibmu0i29de00a_firmware

AND

schneider-electrichmibmu0i29de00aMatch-

Node

schneider-electrichmibmphi74d2801_firmware

AND

schneider-electrichmibmphi74d2801Match-

Node

schneider-electrichmibmpsi74d2801_firmware

AND

schneider-electrichmibmpsi74d2801Match-

Node

schneider-electrichmibmp0i74d2001_firmware

AND

schneider-electrichmibmp0i74d2001Match-

Node

schneider-electrichmibmp0i74d200a_firmware

AND

schneider-electrichmibmp0i74d200aMatch-

Node

schneider-electrichmibmphi74d4801_firmware

AND

schneider-electrichmibmphi74d4801Match-

Node

schneider-electrichmibmpsi74d4801_firmware

AND

schneider-electrichmibmpsi74d4801Match-

Node

schneider-electrichmibmp0i74d4001_firmware

AND

schneider-electrichmibmp0i74d4001Match-

Node

schneider-electrichmibmp0i74d400a_firmware

AND

schneider-electrichmibmp0i74d400aMatch-

Node

schneider-electrichmibmp0i74di00a_firmware

AND

schneider-electrichmibmp0i74di00aMatch-

Node

schneider-electrichmibmp0i74de00a_firmware

AND

schneider-electrichmibmp0i74de00aMatch-

Node

schneider-electrichmibscea53d1l01_firmware

AND

schneider-electrichmibscea53d1l01Match-

Node

schneider-electrichmibmoma5ddf10l_firmware

AND

schneider-electrichmibmoma5ddf10lMatch-

Node

schneider-electrichmibmoma5dd1e01_firmware

AND

schneider-electrichmibmoma5dd1e01Match-

Node

schneider-electrichmibmoma5dd1101_firmware

AND

schneider-electrichmibmoma5dd1101Match-

Node

schneider-electrichmibmo0a5ddf10a_firmware

AND

schneider-electrichmibmo0a5ddf10aMatch-

Node

schneider-electrichmibmo0a5ddf101_firmware

AND

schneider-electrichmibmo0a5ddf101Match-

Node

schneider-electrichmibmo0a5dd1001_firmware

AND

schneider-electrichmibmo0a5dd1001Match-

Node

schneider-electrichmibmiea5dd1e01_firmware

AND

schneider-electrichmibmiea5dd1e01Match-

Node

schneider-electrichmibmiea5dd110l_firmware

AND

schneider-electrichmibmiea5dd110lMatch-

Node

schneider-electrichmibmiea5dd1101_firmware

AND

schneider-electrichmibmiea5dd1101Match-

Node

schneider-electrichmibmiea5dd100a_firmware

AND

schneider-electrichmibmiea5dd100aMatch-

Node

schneider-electrichmibmiea5dd1001_firmware

AND

schneider-electrichmibmiea5dd1001Match-

Node

schneider-electrichmibscea53d1l0t_firmware

AND

schneider-electrichmibscea53d1l0tMatch-

Node

schneider-electrichmibscea53d1l0a_firmware

AND

schneider-electrichmibscea53d1l0aMatch-

Node

schneider-electricvijeo_designerRange<1.2.1basic

schneider-electricvijeo_designerRange<6.2-

schneider-electricvijeo_designerMatch6.2--

schneider-electricvijeo_designerMatch6.2sp1-

schneider-electricvijeo_designerMatch6.2sp10-

schneider-electricvijeo_designerMatch6.2sp11-

schneider-electricvijeo_designerMatch6.2sp2-

schneider-electricvijeo_designerMatch6.2sp3.1-

schneider-electricvijeo_designerMatch6.2sp5.1-

schneider-electricvijeo_designerMatch6.2sp6-

schneider-electricvijeo_designerMatch6.2sp7-

schneider-electricvijeo_designerMatch6.2sp8-

schneider-electricvijeo_designerMatch6.2sp9-

VendorProductVersionCPE
schneider-electrichmibmuhi29d2801_firmware*cpe:2.3:o:schneider-electric:hmibmuhi29d2801_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmuhi29d2801-cpe:2.3:h:schneider-electric:hmibmuhi29d2801:-:*:*:*:*:*:*:*
schneider-electrichmibmusi29d2801_firmware*cpe:2.3:o:schneider-electric:hmibmusi29d2801_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmusi29d2801-cpe:2.3:h:schneider-electric:hmibmusi29d2801:-:*:*:*:*:*:*:*
schneider-electrichmibmuci29d2w01_firmware*cpe:2.3:o:schneider-electric:hmibmuci29d2w01_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmuci29d2w01-cpe:2.3:h:schneider-electric:hmibmuci29d2w01:-:*:*:*:*:*:*:*
schneider-electrichmibmu0i29d2001_firmware*cpe:2.3:o:schneider-electric:hmibmu0i29d2001_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmu0i29d2001-cpe:2.3:h:schneider-electric:hmibmu0i29d2001:-:*:*:*:*:*:*:*
schneider-electrichmibmu0i29d200a_firmware*cpe:2.3:o:schneider-electric:hmibmu0i29d200a_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmu0i29d200a-cpe:2.3:h:schneider-electric:hmibmu0i29d200a:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
schneider-electric	hmibmuhi29d2801_firmware	*	cpe:2.3:o:schneider-electric:hmibmuhi29d2801_firmware::::::::
schneider-electric	hmibmuhi29d2801	-	cpe:2.3:h:schneider-electric:hmibmuhi29d2801:-:::::::*
schneider-electric	hmibmusi29d2801_firmware	*	cpe:2.3:o:schneider-electric:hmibmusi29d2801_firmware::::::::
schneider-electric	hmibmusi29d2801	-	cpe:2.3:h:schneider-electric:hmibmusi29d2801:-:::::::*
schneider-electric	hmibmuci29d2w01_firmware	*	cpe:2.3:o:schneider-electric:hmibmuci29d2w01_firmware::::::::
schneider-electric	hmibmuci29d2w01	-	cpe:2.3:h:schneider-electric:hmibmuci29d2w01:-:::::::*
schneider-electric	hmibmu0i29d2001_firmware	*	cpe:2.3:o:schneider-electric:hmibmu0i29d2001_firmware::::::::
schneider-electric	hmibmu0i29d2001	-	cpe:2.3:h:schneider-electric:hmibmu0i29d2001:-:::::::*
schneider-electric	hmibmu0i29d200a_firmware	*	cpe:2.3:o:schneider-electric:hmibmu0i29d200a_firmware::::::::
schneider-electric	hmibmu0i29d200a	-	cpe:2.3:h:schneider-electric:hmibmu0i29d200a:-:::::::*

Rows per page:

1-10 of 851

References

download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-06

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

14.1%

JSON

Related for NVD:CVE-2021-22817

cvelist1 cve1 prion1