CVE-2024-3746

The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by default to allow user, including unprivileged users, to write or overwrite files.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-01

Configurations

No configuration.

History

28 May 2024, 17:15

Type	Values Removed	Values Added
Summary		(es) Todo el directorio principal, C:\ScadaPro y sus subdirectorios y archivos, están configurados de forma predeterminada para permitir a los usuarios, incluidos los usuarios sin privilegios, escribir o sobrescribir archivos.
Summary	~~(en) The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by default to allow user, including unprivileged users, to write or overwrite files.~~	(en) The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by default to allow user, including unprivileged users, to write or overwrite files.

30 Apr 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-30 20:15

Updated : 2024-05-28 17:15

NVD link : CVE-2024-3746

Mitre link : CVE-2024-3746

CVE.ORG link : CVE-2024-3746

JSON object : View

Products Affected

No product.

CWE

CWE-284

Improper Access Control

5.5 /10