This security bulletin contains one low risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions within the ORCHESTRATOR Service. A local user can modify the service binary path and start malicious commands with elevated privileges.Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.Vulnerable software versions
ScadaPro Server: 6.7CPE2.3
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?