CVE-2018-5313
Last modified
CVE-2018-5313 is a vulnerability of currently unknown severity. A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. EPSS estimates a 0.60% chance of exploitation in the next 30 days.
Description
A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Rapidscada | Rapid Scada | 5.5.0 |
References
- http://packetstormsecurity.com/files/146668/Rapid-Scada-5.5.0-Insecure-Permissions.htmlThird Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2018/Mar/11Mailing List, Third Party Advisory
- http://packetstormsecurity.com/files/146668/Rapid-Scada-5.5.0-Insecure-Permissions.htmlThird Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2018/Mar/11Mailing List, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-5313?
How severe is CVE-2018-5313?
How do I fix CVE-2018-5313?
Are you affected by CVE-2018-5313?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST