CVE-2013-2786

Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.6 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:S/C:C/I:C/A:C
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
alstommicom_s1_agile
𝑥
≤ 1.0.2
alstommicom_s1_studio
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ics-cert.us-cert.gov/advisories/ICSA-13-184-01
http://ics-cert.us-cert.gov/advisories/ICSA-13-184-01