Incorrect Default Permissions
CVE-2022-28702
Summary
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
- LOW
- LOCAL
- LOW
- UNCHANGED
- NONE
- LOW
- NONE
- HIGH
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
References
Advisory Timeline
- Published