N/A

A CWE-269 Improper Privilege Management vulnerability exists in EcoStruxureª Operator Terminal Expert runtime (Vijeo XD) that could cause privilege escalation on the workstation when interacting directly with a driver installed by the runtime software of EcoStruxureª Operator Terminal Expert.

N/A

特权管理不恰当

Schneider Electric EcoStruxure Operator Terminal Expert 权限许可和访问控制问题漏洞

Schneider Electric EcoStruxure Operator Terminal Expert是法国施耐德电气（Schneider Electric）公司的一款触控屏配置软件。该软件支主要用于创建和编辑触控应用程序。 EcoStruxure Operator Terminal Expert 存在权限许可和访问控制问题漏洞，该漏洞源于不当权限管理，在与EcoStruxure Operator Terminal Expert运行时软件安装的驱动程序直接交互时，会导致工作站权限升级。

N/A

N/A