CVE-2020-6968

Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files...

CVE-2020-6968

Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files...

Code injection

Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files...

CVE-2020-6968

CVE-2020-6968 affects Honeywell INNCOM INNControl 3 (versions 3.21 and prior). Root cause: Improper Privilege Management (CWE-269) allowing workstation users to escalate privileges by modifying local configuration files. Exploitation is local; no remote access described. NVD CVSSv3 base 7.8 (AV:L...

Honeywell INNCOM INNControl 3

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Honeywell Equipment: INNCOM INNControl 3 Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate user privileges within the...