iniNet SpiderControl PLC Editor Simatic 6.30.04 Local Privilege Escalation
High Nessus Plugin ID 88414
SynopsisThe PLC editor application running on the remote host is affected by a local privilege escalation vulnerability.
DescriptionAccording to its self-reported version, the iniNet SpiderControl PLC Editor Simatic application running on the remote host is version 6.30.04. It is, therefore, affected by a flaw due to setting insecure permissions on the installation directory and files. A local attacker can exploit this to replace files, resulting in an escalation of privileges.
SolutionNo fix currently exists. Contact the vendor regarding a patch.