A CVSS v3 base score of 6.0 has been calculated the CVSS vector string is ( AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H). The affected product is vulnerable to misconfigured binaries, allowing users on the target PC with SYSTEM level privileges access to overwrite the binary and modify files to gain privilege escalation.ĬVE-2021-38483 has been assigned to this vulnerability.
3.2 VULNERABILITY OVERVIEW 3.2.1 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732 It is included because it is used in Industrial Control Systems (ICS). Note: This offline simulation software program does not provide any control or management of physical devices or processes. The following versions of ROBOGUIDE, a simulation platform software suite for FANUC Robots, are affected: Successful exploitation of these vulnerabilities could cause a denial-of-service condition, allow for remote code execution, or provide unauthorized privilege escalation. Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Improper Access Control, Path Traversal, Improper Restriction of XML External Entity Reference, Uncontrolled Resource Consumption.Vendor: FANUC Corporation / FANUC America Corporation.ATTENTION: Exploitable remotely/low attack complexity.
0 kommentar(er)
