CVE-2017-9662 – Fuji Electric Monitouch V-SFT Insecure Configuration Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2017-9662

An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Monitouch V-SFT is installed in a directory with weak access controls by default, which could allow an authenticated attacker with local access to escalate privileges. Se ha descubierto un problema de gestión incorrecta de privilegios en Fuji Electric Monitouch V-SFT en las versiones anteriores a la 5.4.43.0. Monitouch V-SFT se instala en un directorio con controles de acceso por defecto débiles, lo que podría permitir que un atacante autenticado con acceso local escale privilegios. This vulnerability allows local attackers to escalate their privileges on vulnerable installations of Fuji Electric Monitouch V-SFT. • http://www.securityfocus.com/bid/100268 http://www.zerodayinitiative.com/advisories/ZDI-17-646 https://ics-cert.us-cert.gov/advisories/ICSA-17-222-04 • CWE-269: Improper Privilege Management •