CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-12728

An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the context of the current system services.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.5%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

http://www.securityfocus.com/bid/100668
https://ics-cert.us-cert.gov/advisories/ICSA-17-250-01
http://www.securityfocus.com/bid/100668
https://ics-cert.us-cert.gov/advisories/ICSA-17-250-01

Products affected by CVE-2017-12728

Spidercontrol » Scada Webserver » Version: N/A

cpe:2.3:a:spidercontrol:scada_webserver:-
Spidercontrol » Scada Webserver » Version: 2.02.0007

cpe:2.3:a:spidercontrol:scada_webserver:2.02.0007

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-12728

Products

Pricing

Contact Us