CVE-2013-0665
Severity Score
6.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequently gain privileges, via standard filesystem operations.
Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet anterior a 5.12.0.1 utiliza permisos débiles para el directorio Program Files, que permite a usuarios locales para reemplazar los archivos ejecutables, y en consecuencia obtener privilegios, a través de las operaciones del sistema de archivos estándar.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-12-19 CVE Reserved
- 2013-03-21 CVE Published
- 2024-09-17 CVE Updated
- 2024-10-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| http://ics-cert.us-cert.gov/pdf/ICSA-13-079-01.pdf | Us Government Resource |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Selinc Search vendor "Selinc" | Acselerator Quickset Search vendor "Selinc" for product "Acselerator Quickset" | <= 5.12.0 Search vendor "Selinc" for product "Acselerator Quickset" and version " <= 5.12.0" | - |
Affected
| ||||||