// For flags

CVE-2013-0665

 

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequently gain privileges, via standard filesystem operations.

Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet anterior a 5.12.0.1 utiliza permisos débiles para el directorio Program Files, que permite a usuarios locales para reemplazar los archivos ejecutables, y en consecuencia obtener privilegios, a través de las operaciones del sistema de archivos estándar.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
High
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-12-19 CVE Reserved
  • 2013-03-21 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-10-19 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (1)
URL Tag Source
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-01.pdf Us Government Resource
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Selinc
Search vendor "Selinc"
 Acselerator Quickset
Search vendor "Selinc" for product "Acselerator Quickset"
 <= 5.12.0
Search vendor "Selinc" for product "Acselerator Quickset" and version " <= 5.12.0"
-
Affected