CVE-2021-22817
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/02/2022
Last modified:
16/02/2022
Description
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:schneider-electric:hmibmuhi29d2801_firmware:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:schneider-electric:hmibmuhi29d2801:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:schneider-electric:hmibmusi29d2801_firmware:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:schneider-electric:hmibmusi29d2801:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:schneider-electric:hmibmuci29d2w01_firmware:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:schneider-electric:hmibmuci29d2w01:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:schneider-electric:hmibmu0i29d2001_firmware:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:schneider-electric:hmibmu0i29d2001:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:schneider-electric:hmibmu0i29d200a_firmware:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:schneider-electric:hmibmu0i29d200a:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:schneider-electric:hmibmuhi29d4801_firmware:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:schneider-electric:hmibmuhi29d4801:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:schneider-electric:hmibmusi29d4801_firmware:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:schneider-electric:hmibmusi29d4801:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:schneider-electric:hmibmuci29d4w01_firmware:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page