Vulnerability Details CVE-2020-28392
A vulnerability has been identified in SIMARIS configuration (All versions < V4.0.1). During installation to default target folder, incorrect permissions are configured for the application folder and subfolders which could allow an attacker to gain persistence or potentially escalate privileges should a user with elevated credentials log onto the machine.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
Products affected by CVE-2020-28392
-
cpe:2.3:a:siemens:simaris_configuration:-