iniNet SpiderControl SCADA Editor 6.30.01 Local Privilege Escalation

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The SCADA editor running on the remote host is affected by a local
privilege escalation vulnerability.

Description :

According to its self-reported version, the iniNet SpiderControl SCADA
Editor application running on the remote host is version 6.30.01. It
is, therefore, affected by a flaw due to setting insecure permissions
on the installation directory and files. A local attacker can exploit
this to replace files, resulting in an escalation of privileges.

See also :

http://www.nessus.org/u?672d0506
http://www.nessus.org/u?3563b0e6
http://www.nessus.org/u?0f97c9ea

Solution :

No fix currently exists. Contact the vendor regarding a patch.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SCADA

Nessus Plugin ID: 88415 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now