CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9002
https://notcve.org/view.php?id=CVE-2024-9002
11 Oct 2024 — CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity, and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity, and availability of the workstation when non-admin authenticated user tries to perform privilege escalati... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-282-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-282-03.pdf • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7032 – Schneider Electric Easergy Studio InitializeChannel Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-7032
09 Jan 2024 — A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object. Existe una vulnerabilidad CWE-502: deserialización de datos no confiables que podría permitir que un atacante que haya iniciado sesión con una cuenta de nivel de usuario obtenga mayores privilegios al proporcionar un objeto serializado dañino. This vulnerability allows local attackers to escalate privileges on a... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-009-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-009-02.pdf • CWE-502: Deserialization of Untrusted Data •