(0Day) Schneider Electric U.motion Builder Local Privilege Escalation Vulnerability

2017-06-12T00:00:00
ID ZDI-17-392
Type zdi
Reporter rgod
Modified 2017-06-12T00:00:00

Description

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is required to exploit this vulnerability.

The specific flaw exists within the handling of the system configuration. The web administration account is set up with the ability to sudo without a password. An attacker can leverage this vulnerability to execute arbitrary code under the context of root.
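
A defender-side check for the misconfiguration described above, as an added example that is not part of the advisory or of the vendor's code: it parses sudoers text and reports accounts that can run commands through sudo without a password. The account names in `WEB_ACCOUNTS` and the sample sudoers content are assumptions constructed for illustration, since the advisory does not name the account.

```python
import re

# Assumed web server account names; the advisory does not name the account.
WEB_ACCOUNTS = {"www-data", "apache", "nginx", "httpd"}
# Constructed sudoers content for illustration, not taken from the product.
SAMPLE_SUDOERS = """\
Defaults env_reset
root     ALL=(ALL:ALL) ALL
www-data ALL=(ALL) NOPASSWD: ALL
backup   ALL=(root) NOPASSWD: /usr/bin/rsync, \\
         PASSWD: /bin/tar
nginx    ALL=(root) PASSWD: /usr/sbin/service nginx reload
"""

SPEC = re.compile(r"^(\S+)\s+[^=]+=\s*(.*)$")  # user host = command list
ITEM = re.compile(r"^(?:\([^)]*\)\s*)?((?:[A-Z_]+:\s*)*)(.*)$")  # (runas) TAG: cmd
SKIP = ("#", "Defaults", "User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias")

def logical_lines(text):
    """Join backslash continuations; drop blanks, comments, Defaults and aliases."""
    joined = re.sub(r"\\\n", " ", text)
    for line in joined.splitlines():
        line = line.strip()
        if line and not line.startswith(SKIP):
            yield line

def nopasswd_entries(text):
    """Return one finding per user spec that grants commands without a password."""
    findings = []
    for line in logical_lines(text):
        m = SPEC.match(line)
        if not m:
            continue
        nopasswd, commands = False, []
        for item in m.group(2).split(","):
            tags, cmd = ITEM.match(item.strip()).groups()
            # A tag stays in effect for later commands until PASSWD: overrides it.
            nopasswd = "NOPASSWD:" in tags or (nopasswd and "PASSWD:" not in tags)
            if nopasswd and cmd:
                commands.append(cmd)
        if commands:
            findings.append({"user": m.group(1), "commands": commands,
                             "unrestricted": "ALL" in commands,
                             "web_account": m.group(1) in WEB_ACCOUNTS})
    return findings

def root_equivalent_web_accounts(text):
    return [f["user"] for f in nopasswd_entries(text)
            if f["web_account"] and f["unrestricted"]]
```

On a real host, feed it the contents of `/etc/sudoers` and each file under `/etc/sudoers.d`; alias expansion and `Defaults !authenticate` are not evaluated by this check.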