A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local unprivileged attacker to achieve code execution with ADMINISTRATOR or even NT AUTHORITY/SYSTEM privileges.
CPE | Name | Operator | Version |
---|---|---|---|
simatic_energy_manager_basic | eq | 7.3 | |
simatic_energy_manager_basic | lt | 7.3 | |
simatic_energy_manager_pro | eq | 7.3 | |
simatic_energy_manager_pro | lt | 7.3 |