How severe is CVE-2022-34755?

CVE-2022-34755 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2022-34755

Name: easergy_builder_installer
Author: schneider-electric

6.3MEDIUM

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give

게시됨: 4/18/2023업데이트됨: 11/21/2024

설명

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a valid user. Affected Products: Easergy Builder Installer (1.7.23 and prior)

AI 분석AI 기반

영향받는 제품

schneider-electriceasergy_builder_installer

참조

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
PatchVendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
PatchVendor Advisory