Incorrect Default Permissions
CVE-2022-28702
Summary
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
- LOW
- LOCAL
- NONE
- NONE
- NONE
- COMPLETE
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
References
Advisory Timeline
- Published