Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdi@rgod777ZDI-22-1301
HistorySep 26, 2022 - 12:00 a.m.

Measuresoft ScadaPro Server Improper Access Control Local Privilege Escalation Vulnerability

2022-09-2600:00:00
@rgod777
www.zerodayinitiative.com
9
measuresoft scadapro server
improper access control
local privilege escalation
orchestrator service
incorrect permissions
arbitrary code

0.0005 Low

EPSS

Percentile

16.2%

JSON

This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ORCHESTRATOR Service. The product sets incorrect permissions on the service. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

Related

prion 1
nvd 1
ics 1
cvelist 1
cve 1
prion
prion
Design/Logic Flaw
2022-09-23 19:15:00
nvd
nvd
CVE-2022-3263
2022-09-23 19:15:14
ics
ics
Measuresoft ScadaPro Server
2022-09-22 12:00:00
cvelist
cvelist
CVE-2022-3263 Measuresoft ScadaPro Server Improper Access Control
2022-09-22 00:00:00
cve
cve
CVE-2022-3263
2022-09-23 19:15:14

0.0005 Low

EPSS

Percentile

16.2%

JSON
Related for ZDI-22-1301
prion1nvd1ics1cvelist1cve1