CVE-2020-13554
8.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Advantech | Advantech WebAccess/SCADA 9.0.1 | affected |
Weaknesses
- CWE-276: CWE-276: Incorrect Default Permissions
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.