(0Day) Schneider Electric U.motion Builder Local Privilege Escalation Vulnerability

ID ZDI-17-392
Type zdi
Reporter rgod
Modified 2017-06-12T00:00:00


This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is required to exploit this vulnerability.

The specific flaw exists within the handling of the system configuration. The web administration account is set up with the ability to sudo without a password. An attacker can leverage this vulnerability to execute arbitrary code under the context of root.
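One way to audit a host for the misconfiguration described above, a service account with passwordless sudo. This is an added example, not code from the advisory or the vendor; the account names `webadmin` and `backup` and the sample sudoers text are constructed assumptions, and aliases and include directives are not expanded.

```python
import re

# Constructed sample sudoers content; "webadmin" and "backup" are hypothetical
# account names, not taken from the product.
SAMPLE_SUDOERS = """\
Defaults env_reset
root ALL=(ALL:ALL) ALL
webadmin ALL=(ALL) NOPASSWD: ALL
backup ALL=(root) NOPASSWD: /usr/bin/rsync, \\
    PASSWD: /bin/tar
%operators ALL=(ALL) ALL
"""

SKIP = re.compile(r"^(#|@include|Defaults|(User|Runas|Host|Cmnd)_Alias\b)")
RUNAS = re.compile(r"^\(([^)]*)\)\s*")
TAG = re.compile(r"^([A-Z_]+):\s*")
ITEM_SEP = re.compile(r",(?![^()]*\))")  # commas outside a (runas) list


def passwordless_rules(text, accounts):
    """Return (account, runas, command) for every NOPASSWD command spec
    granted to one of `accounts`. Aliases and includes are not expanded."""
    findings = []
    text = re.sub(r"\\\n", " ", text)  # join backslash-continued lines
    for line in map(str.strip, text.splitlines()):
        if not line or SKIP.match(line) or "=" not in line:
            continue
        left, right = line.split("=", 1)
        who = left.split()[0]
        if who not in accounts:
            continue
        runas, nopasswd = "root", False  # sudo's default target user is root
        for item in ITEM_SEP.split(right):
            item = item.strip()
            m = RUNAS.match(item)
            if m:
                runas, item = m.group(1), item[m.end():]
            # Tags and the runas spec carry over to later commands in the list
            while (m := TAG.match(item)):
                if m.group(1) in ("NOPASSWD", "PASSWD"):
                    nopasswd = m.group(1) == "NOPASSWD"
                item = item[m.end():]
            if nopasswd:
                findings.append((who, runas, item))
    return findings


if __name__ == "__main__":
    for who, runas, cmd in passwordless_rules(SAMPLE_SUDOERS, {"webadmin", "backup"}):
        print(f"{who}: runs {cmd} as {runas} without a password")
```

A finding where both the runas target and the command are `ALL` is the pattern the advisory describes: any code running as that account can become root.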