3950 matches found
CVE-2023-42489
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource...
Code injection
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource...
CVE-2023-42489 EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource...
CVE-2023-42489
The CVE-2023-42489 entry concerns EisBaer Scada with a root cause of Incorrect Permission Assignment for Critical Resource (CWE-732). Affected software is EisBaer Scada; the vulnerability is tied to misconfigured permissions on critical resources, enabling high-impact exposure (C/H I/H A/H per CV...
CVE-2023-42489 EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource...
GitHub Enterprise Server Security Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from an incorrect...
Alexander Maier EisBaer Scada Security Breach
Alexander Maier EisBaer Scada is a visual reality display and control program created on Windows operating systems by Alexander Maier of Germany. Alexander Maier EisBaer Scada has a security vulnerability that originates from incorrect assignment of privileges to critical resources...
The vulnerability of the SICAM PAS/PQS automation software for controlling electrical energy facilities lies in the improper assignment of permissions for critical resources during the verification of the certificate signing request. This allows a violator to read and modify these configuration data within the context of the application process.
The vulnerability of the SICAM PAS/PQS software for automating control systems in electrical energy facilities is related to the incorrect assignment of permissions to critical resources. Exploiting this vulnerability could allow an attacker to read and modify configuration data during the...
CVE-2023-44201
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions. When a user with the respective permissions commits a...
Design/Logic Flaw
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions. When a user with the respective permissions commits a...
CVE-2023-44201 Junos OS and Junos OS Evolved: A local attacker can retrieve sensitive information and elevate privileges on the device to an authorized user.
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions. When a user with the respective permissions commits a...
CVE-2023-44201
Summary: CVE-2023-44201 affects Juniper Networks Junos OS and Junos OS Evolved. A local authenticated attacker can exploit an incorrect permission assignment for a critical resource to read configuration changes, potentially exposing password hashes during password changes. Affected products/vers...
Siemens SICAM PAS/PQS Incorrect Privilege Assignment Vulnerability (CNVD-2023-75593)
Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. Siemens SICAM PAS/PQS suffers from an incorrect privilege assignment vulnerability that can be exploited to inject arbitrary code and elevate privileges to NT AUTHORITY/SYSTEM...
Siemens SICAM PAS/PQS Incorrect Privilege Assignment Vulnerability
Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. Siemens SICAM PAS/PQS suffers from an incorrect privilege assignment vulnerability that can be exploited by an attacker to read and modify configuration data in the context of an...
(Pwn2Own) Microsoft Teams Incorrect Privilege Assignment Local Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute script within the application window in order to exploit this vulnerability. The specific flaw exists within the processing of globa...
Siemens SINEC NMS Incorrect Privilege Assignment Vulnerability
Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. The Siemens SINEC NMS suffers from an Incorrect Privilege Assignment...
Juniper Junos OS Vulnerability (JSA73167)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73167 advisory. - An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated...
Siemens SICAM PAS/PQS 安全漏洞
Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. Siemens SICAM PAS/PQS suffers from an incorrect privilege assignment vulnerability that can be exploited by an attacker to read and modify configuration data in the context of an...
Siemens SINEC NMS 安全漏洞
Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. The Siemens SINEC NMS suffers from an Incorrect Privilege Assignment...
Siemens SICAM PAS/PQS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...