CVE-2017-9966 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2017-9966

CWE

https://cwe.mitre.org/data/definitions/.html

A privilege escalation vulnerability exists in Schneider Electrics Pelco VideoXpert Enterprise versions 2.0 and prior. By replacing certain files, an unauthorized user can obtain system privileges and the inserted code would execute at an elevated privilege level.

Affected Software

Name	Vendor	Start Version	End Version
Pelco_videoxpert	Schneider-electric	*	2.1 (excluding)

References

http://www.securityfocus.com/bid/102338
https://ics-cert.us-cert.gov/advisories/ICSA-17-355-02
https://www.schneider-electric.com/en/download/document/SEVD-2017-339-01/
http://www.securityfocus.com/bid/102338
https://ics-cert.us-cert.gov/advisories/ICSA-17-355-02
https://www.schneider-electric.com/en/download/document/SEVD-2017-339-01/