CVE-2024-8306

CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:schneider-electric:vijeo_designer:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:vijeo_designer:6.3:-:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:vijeo_designer_embedded_in_ecostruxure_machine_expert:*:*:*:*:*:*:*:*

History

18 Sep 2024, 19:51

Type Values Removed Values Added
References () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-254-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-254-01.pdf - () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-254-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-254-01.pdf - Vendor Advisory
CWE NVD-CWE-noinfo
Summary
  • (es) CWE-269: Existe una vulnerabilidad de administración inadecuada de privilegios que podría causar acceso no autorizado, pérdida de confidencialidad, integridad y disponibilidad de la estación de trabajo cuando un usuario autenticado que no es administrador intenta realizar una escalada de privilegios alterando los binarios.
First Time Schneider-electric vijeo Designer
Schneider-electric
Schneider-electric vijeo Designer Embedded In Ecostruxure Machine Expert
CPE cpe:2.3:a:schneider-electric:vijeo_designer_embedded_in_ecostruxure_machine_expert:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:vijeo_designer:6.3:-:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:vijeo_designer:*:*:*:*:*:*:*:*

11 Sep 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-11 15:15

Updated : 2024-09-18 19:51


NVD link : CVE-2024-8306

Mitre link : CVE-2024-8306

CVE.ORG link : CVE-2024-8306


JSON object : View

Products Affected

schneider-electric

  • vijeo_designer
  • vijeo_designer_embedded_in_ecostruxure_machine_expert
CWE
NVD-CWE-noinfo CWE-269

Improper Privilege Management