CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31465
https://notcve.org/view.php?id=CVE-2022-31465
A vulnerability has been identified in Xpedition Designer VX.2.10 (All versions < VX.2.10 Update 13), Xpedition Designer VX.2.11 (All versions < VX.2.11 Update 11), Xpedition Designer VX.2.12 (All versions < VX.2.12 Update 5), Xpedition Designer VX.2.13 (All versions < VX.2.13 Update 1). The affected application assigns improper access rights to the service executable. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. Se ha identificado una vulnerabilidad en Xpedition Designer (Todas las versiones anteriores a VX.2.11). La aplicación afectada asigna derechos de acceso inapropiados al ejecutable del servicio. • https://cert-portal.siemens.com/productcert/pdf/ssa-988345.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •