How severe is CVE-2022-34755?

CVE-2022-34755 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2022-34755

Name: easergy_builder_installer
Author: schneider-electric

6.3MEDIUM

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give

发布于: 4/18/2023更新于: 11/21/2024

描述

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a valid user. Affected Products: Easergy Builder Installer (1.7.23 and prior)

AI分析AI驱动

受影响产品

schneider-electriceasergy_builder_installer

参考资料

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
PatchVendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf
PatchVendor Advisory