Incorrect Default Permissions Vulnerability in AzeoTech DAQFactory
CVE-2017-12699

7.1HIGH

Key Information:

Vendor: Azeotech
Status: Azeotech Daqfactory
Vendor: CVE Published:; 9 September 2017

What is CVE-2017-12699?

An Incorrect Default Permissions vulnerability in AzeoTech DAQFactory allows local, non-administrative users to potentially replace or modify original application files with malicious versions. This could lead to unauthorized actions and compromise the integrity of the application, making it imperative for users to update to version 17.1 or later to mitigate this risk.

Affected Version(s)

AzeoTech DAQFactory AzeoTech DAQFactory

References

http://www.securityfocus.com/bid/100522

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-17-241-01

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2017
Vulnerability Reserved
Aug 9, 2017

CVE-2017-12699 Data

JSON

Azeotech

What is CVE-2017-12699?

Affected Version(s)

References

CVSS V3.1

Timeline