3 matches found
CVE-2021-22682
Cscape All versions prior to 9.90 SP4 is configured by default to be installed for all users, which allows full permissions, including read/write access. This may allow unprivileged users to modify the binaries and configuration files and lead to local privilege escalation...
CVE-2021-22682
CVE-2021-22682 affects Horner Automation Cscape prior to version 9.90 SP4. The root issue is improper access control: the product is configured by default to be installed for all users, granting full permissions (read/write) to unprivileged users, which can lead to local privilege escalation by m...
Horner Automation Cscape
1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Vulnerabilities: Improper Input Validation, Improper Access Controls 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow code execution in the context of the...