CVE-2021-43986

The setup program for the affected product configures its files and folders with full access, which may allow unauthorized users permission to replace original binaries and achieve privilege escalation.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-03 Patch Third Party Advisory US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-03 Patch Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:fanuc:roboguide:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:30

Type Values Removed Values Added
References () https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-03 - Patch, Third Party Advisory, US Government Resource () https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-03 - Patch, Third Party Advisory, US Government Resource
CVSS v2 : 4.4
v3 : 7.0
v2 : 4.4
v3 : 6.0

17 Oct 2022, 18:12

Type Values Removed Values Added
CVSS v2 : 4.6
v3 : 7.8
v2 : 4.4
v3 : 7.0

29 Apr 2022, 15:00

Type Values Removed Values Added
CWE CWE-284 CWE-276
References (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-03 - (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-03 - Patch, Third Party Advisory, US Government Resource
CVSS v2 : unknown
v3 : unknown
v2 : 4.6
v3 : 7.8
CPE cpe:2.3:a:fanuc:roboguide:*:*:*:*:*:*:*:*

20 Apr 2022, 16:45

Type Values Removed Values Added
New CVE

Information

Published : 2022-04-20 16:15

Updated : 2024-11-21 06:30


NVD link : CVE-2021-43986

Mitre link : CVE-2021-43986

CVE.ORG link : CVE-2021-43986


JSON object : View

Products Affected

fanuc

  • roboguide
CWE
CWE-284

Improper Access Control

CWE-276

Incorrect Default Permissions