描述
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user.
AI分析AI驱动
受影响产品
schneider-electricscadapack_7x_remote_connect
参考资料
- https://www.se.com/ww/en/download/document/SEVD-2020-252-01/Vendor Advisory
- https://www.se.com/ww/en/download/document/SEVD-2020-252-01/Vendor Advisory