Vulnerabilities > CVE-2017-9966 - Unspecified vulnerability in Schneider-Electric Pelco Videoxpert
Attack vector
NETWORK Attack complexity
HIGH Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. By replacing certain files, an unauthorized user can obtain system privileges and the inserted code would execute at an elevated privilege level.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://www.securityfocus.com/bid/102338
- http://www.securityfocus.com/bid/102338
- https://ics-cert.us-cert.gov/advisories/ICSA-17-355-02
- https://ics-cert.us-cert.gov/advisories/ICSA-17-355-02
- https://www.schneider-electric.com/en/download/document/SEVD-2017-339-01/
- https://www.schneider-electric.com/en/download/document/SEVD-2017-339-01/