How severe is CVE-2022-34755?

CVE-2022-34755 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2022-34755

Name: easergy_builder_installer
Author: schneider-electric

6.3MEDIUM

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give

Publicado: 4/18/2023Actualizado: 11/21/2024

Descripción

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a valid user. Affected Products: Easergy Builder Installer (1.7.23 and prior)

Análisis IAImpulsado por IA

Productos Afectados

schneider-electriceasergy_builder_installer

Referencias

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
PatchVendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
PatchVendor Advisory