How severe is CVE-2022-34755?

CVE-2022-34755 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2022-34755

Name: easergy_builder_installer
Author: schneider-electric

6.3MEDIUM

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give

Published: 4/18/2023Updated: 11/21/2024

Description

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a valid user. Affected Products: Easergy Builder Installer (1.7.23 and prior)

AI AnalysisPowered by AI

Affected Products

schneider-electriceasergy_builder_installer

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
PatchVendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
PatchVendor Advisory