説明
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user.
AI分析AIによる分析
影響を受ける製品
schneider-electricscadapack_7x_remote_connect
参照
- https://www.se.com/ww/en/download/document/SEVD-2020-252-01/Vendor Advisory
- https://www.se.com/ww/en/download/document/SEVD-2020-252-01/Vendor Advisory