Vulnerabilities > CVE-2024-0770 - Unspecified vulnerability in Echa.Europa Iuclid 7.10.3

CVSS 7.1 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

echa-europa

NVD

Published: 2024-01-21

Updated: 2024-11-21

Summary

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Affected is an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulation leads to incorrect default permissions. The attack needs to be approached locally. VDB-251670 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Configurations

Part	Description	Count
Application	Echa.Europa Echa.Europa Iuclid 7.10.3	1
OS	Microsoft Microsoft Windows -	1

References

https://imagebin.ca/v/7nx8zv3l62Kf
https://imagebin.ca/v/7nx8zv3l62Kf
https://vuldb.com/?ctiid.251670
https://vuldb.com/?ctiid.251670
https://vuldb.com/?id.251670
https://vuldb.com/?id.251670