Proges: >> Thermoscan Ip >> 20211103 Security Vulnerabilities
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-07-31
A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition on the target component.
CVSS Score
3.3
EPSS Score
0.0
Published
2024-07-31
A “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\ path to attempt a privilege escalation on the local machine.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-07-31