iniNet SpiderControl PLC Editor Beckhoff 6.30.04 Local Privilege Escalation

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The PLC editor application running on the remote host is affected by
a local privilege escalation vulnerability.

Description :

According to its self-reported version, the iniNet SpiderControl PLC
Editor Beckhoff application running on the remote host is version
6.30.04. It is, therefore, affected by a flaw due to setting insecure
permissions on the installation directory and files. A local attacker
can exploit this to replace files, resulting in an escalation of
privileges.

See also :

http://www.nessus.org/u?0f97c9ea

Solution :

No fix currently exists. Contact the vendor regarding a patch.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SCADA

Nessus Plugin ID: 88413 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now