| Summary | A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1) |
|---|---|
| Publication Date | Feb. 10, 2022, 8:15 a.m. |
| Registration Date | Feb. 10, 2022, noon |
| Last Update | Nov. 21, 2024, 2:50 p.m. |
| CVSS3.1 : HIGH | |
| スコア | 7.8 |
|---|---|
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 攻撃元区分(AV) | ローカル |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃に必要な特権レベル(PR) | 低 |
| 利用者の関与(UI) | 不要 |
| 影響の想定範囲(S) | 変更なし |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | 高 |
| CVSS2.0 : MEDIUM | |
| Score | 4.6 |
|---|---|
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| 攻撃元区分(AV) | ローカル |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃前の認証要否(Au) | 不要 |
| 機密性への影響(C) | 低 |
| 完全性への影響(I) | 低 |
| 可用性への影響(A) | 低 |
| Get all privileges. | いいえ |
| Get user privileges | いいえ |
| Get other privileges | いいえ |
| User operation required | いいえ |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmuhi29d2801_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmuhi29d2801:-:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmusi29d2801_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmusi29d2801:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmuci29d2w01_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmuci29d2w01:-:*:*:*:*:*:*:* | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmu0i29d2001_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmu0i29d2001:-:*:*:*:*:*:*:* | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmu0i29d200a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmu0i29d200a:-:*:*:*:*:*:*:* | ||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmuhi29d4801_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmuhi29d4801:-:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmusi29d4801_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmusi29d4801:-:*:*:*:*:*:*:* | ||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmuci29d4w01_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmuci29d4w01:-:*:*:*:*:*:*:* | ||||
| Configuration9 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmu0i29d4001_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmu0i29d4001:-:*:*:*:*:*:*:* | ||||
| Configuration10 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmu0i29d400a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmu0i29d400a:-:*:*:*:*:*:*:* | ||||
| Configuration11 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmu0i29di00a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmu0i29di00a:-:*:*:*:*:*:*:* | ||||
| Configuration12 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmu0i29de00a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmu0i29de00a:-:*:*:*:*:*:*:* | ||||
| Configuration13 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmphi74d2801_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmphi74d2801:-:*:*:*:*:*:*:* | ||||
| Configuration14 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmpsi74d2801_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmpsi74d2801:-:*:*:*:*:*:*:* | ||||
| Configuration15 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmp0i74d2001_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmp0i74d2001:-:*:*:*:*:*:*:* | ||||
| Configuration16 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmp0i74d200a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmp0i74d200a:-:*:*:*:*:*:*:* | ||||
| Configuration17 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmphi74d4801_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmphi74d4801:-:*:*:*:*:*:*:* | ||||
| Configuration18 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmpsi74d4801_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmpsi74d4801:-:*:*:*:*:*:*:* | ||||
| Configuration19 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmp0i74d4001_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmp0i74d4001:-:*:*:*:*:*:*:* | ||||
| Configuration20 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmp0i74d400a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmp0i74d400a:-:*:*:*:*:*:*:* | ||||
| Configuration21 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmp0i74di00a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmp0i74di00a:-:*:*:*:*:*:*:* | ||||
| Configuration22 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmp0i74de00a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmp0i74de00a:-:*:*:*:*:*:*:* | ||||
| Configuration23 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibscea53d1l01_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibscea53d1l01:-:*:*:*:*:*:*:* | ||||
| Configuration24 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmoma5ddf10l_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmoma5ddf10l:-:*:*:*:*:*:*:* | ||||
| Configuration25 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmoma5dd1e01_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmoma5dd1e01:-:*:*:*:*:*:*:* | ||||
| Configuration26 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmoma5dd1101_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmoma5dd1101:-:*:*:*:*:*:*:* | ||||
| Configuration27 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmo0a5ddf10a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmo0a5ddf10a:-:*:*:*:*:*:*:* | ||||
| Configuration28 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmo0a5ddf101_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmo0a5ddf101:-:*:*:*:*:*:*:* | ||||
| Configuration29 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmo0a5dd1001_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmo0a5dd1001:-:*:*:*:*:*:*:* | ||||
| Configuration30 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmiea5dd1e01_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmiea5dd1e01:-:*:*:*:*:*:*:* | ||||
| Configuration31 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmiea5dd110l_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmiea5dd110l:-:*:*:*:*:*:*:* | ||||
| Configuration32 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmiea5dd1101_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmiea5dd1101:-:*:*:*:*:*:*:* | ||||
| Configuration33 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmiea5dd100a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmiea5dd100a:-:*:*:*:*:*:*:* | ||||
| Configuration34 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibmiea5dd1001_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibmiea5dd1001:-:*:*:*:*:*:*:* | ||||
| Configuration35 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibscea53d1l0t_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibscea53d1l0t:-:*:*:*:*:*:*:* | ||||
| Configuration36 | or higher | or less | more than | less than | |
| cpe:2.3:o:schneider-electric:hmibscea53d1l0a_firmware:*:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:schneider-electric:hmibscea53d1l0a:-:*:*:*:*:*:*:* | ||||
| Configuration37 | or higher | or less | more than | less than | |
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp1:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp2:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp3.1:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp5.1:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp6:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp7:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp8:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp9:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp11:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:-:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp10:*:*:-:*:*:* | |||||
| cpe:2.3:a:schneider-electric:vijeo_designer:*:*:*:*:-:*:*:* | 6.2 | ||||
| cpe:2.3:a:schneider-electric:vijeo_designer:*:*:*:*:basic:*:*:* | 1.2.1 | ||||