CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
14.1%
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)
Vendor | Product | Version | CPE |
---|---|---|---|
schneider-electric | hmibmuhi29d2801_firmware | * | cpe:2.3:o:schneider-electric:hmibmuhi29d2801_firmware:*:*:*:*:*:*:*:* |
schneider-electric | hmibmuhi29d2801 | - | cpe:2.3:h:schneider-electric:hmibmuhi29d2801:-:*:*:*:*:*:*:* |
schneider-electric | hmibmusi29d2801_firmware | * | cpe:2.3:o:schneider-electric:hmibmusi29d2801_firmware:*:*:*:*:*:*:*:* |
schneider-electric | hmibmusi29d2801 | - | cpe:2.3:h:schneider-electric:hmibmusi29d2801:-:*:*:*:*:*:*:* |
schneider-electric | hmibmuci29d2w01_firmware | * | cpe:2.3:o:schneider-electric:hmibmuci29d2w01_firmware:*:*:*:*:*:*:*:* |
schneider-electric | hmibmuci29d2w01 | - | cpe:2.3:h:schneider-electric:hmibmuci29d2w01:-:*:*:*:*:*:*:* |
schneider-electric | hmibmu0i29d2001_firmware | * | cpe:2.3:o:schneider-electric:hmibmu0i29d2001_firmware:*:*:*:*:*:*:*:* |
schneider-electric | hmibmu0i29d2001 | - | cpe:2.3:h:schneider-electric:hmibmu0i29d2001:-:*:*:*:*:*:*:* |
schneider-electric | hmibmu0i29d200a_firmware | * | cpe:2.3:o:schneider-electric:hmibmu0i29d200a_firmware:*:*:*:*:*:*:*:* |
schneider-electric | hmibmu0i29d200a | - | cpe:2.3:h:schneider-electric:hmibmu0i29d200a:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
14.1%