CVE-2021-22817

A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)

Link	Resource
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-06	Vendor Advisory

Configuration 1

cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp1:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp2:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp3.1:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp5.1:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp6:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp7:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp8:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp9:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp11:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:-:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:6.2:sp10:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:*:*:*:*:-:*:*:* cpe:2.3:a:schneider-electric:vijeo_designer:*:*:*:*:basic:*:*:*

---

Published : 2022-02-09 11:15

Updated : 2022-02-16 04:57

---

NVD link : CVE-2021-22817

Mitre link : CVE-2021-22817

No products.

CWE-276

Incorrect Default Permissions