CVE-2024-3746
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by default to allow user, including unprivileged users, to write or overwrite files.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Measuresoft | ScadaPro | 6.9.0.0 | affected |
Weaknesses
- CWE-284: CWE-284
Workarounds
Measuresoft recommends that users manually reconfigure the vulnerable directories so that they are not writable by everyone.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.