Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in DIGSI 4 (All versions < V4.94 SP1 HF 1). Several folders in the %PATH% are writeable by normal users. As these folders are included in the search for dlls, an attacker could place dlls there with code executed by SYSTEM.
CVSS Information
N/A
Vulnerability Type
缺省权限不正确
Vulnerability Title
DIGSI 4 权限许可和访问控制问题漏洞
Vulnerability Description
SIEMENS DIGSI 4是美国SIEMENS公司的一个驱动程序。提供设备驱动程序功能。 DIGSI 4中存在权限许可和访问控制问题漏洞,该漏洞源于%PATH%中的几个文件夹可由普通用户写入。由于这些文件夹包含在DLL搜索中,攻击者可以将DLL与系统执行的代码放在一起进而执行代码。
CVSS Information
N/A
Vulnerability Type
N/A