Unknown
CVE-2021-22817
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2021-22817
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- hmibmiea5dd1001 firmware,
- hmibmiea5dd100a firmware,
- hmibmiea5dd1101 firmware,
- hmibmiea5dd110l firmware,
- hmibmiea5dd1e01 firmware,
- hmibmo0a5dd1001 firmware,
- hmibmo0a5ddf101 firmware,
- hmibmo0a5ddf10a firmware,
- hmibmoma5dd1101 firmware,
- hmibmoma5dd1e01 firmware,
- hmibmoma5ddf10l firmware,
- hmibmp0i74d2001 firmware,
- hmibmp0i74d200a firmware,
- hmibmp0i74d4001 firmware,
- hmibmp0i74d400a firmware,
- hmibmp0i74de00a firmware,
- hmibmp0i74di00a firmware,
- hmibmphi74d2801 firmware,
- hmibmphi74d4801 firmware,
- hmibmpsi74d2801 firmware,
- hmibmpsi74d4801 firmware,
- hmibmu0i29d2001 firmware,
- hmibmu0i29d200a firmware,
- hmibmu0i29d4001 firmware,
- hmibmu0i29d400a firmware,
- hmibmu0i29de00a firmware,
- hmibmu0i29di00a firmware,
- hmibmuci29d2w01 firmware,
- hmibmuci29d4w01 firmware,
- hmibmuhi29d2801 firmware,
- hmibmuhi29d4801 firmware,
- hmibmusi29d2801 firmware,
- hmibmusi29d4801 firmware,
- hmibscea53d1l01 firmware,
- hmibscea53d1l0a firmware,
- hmibscea53d1l0t firmware,
- vijeo designer,
- vijeo designer 6.2
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
