Vulnerability Details : CVE-2014-0759
Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.
Products affected by CVE-2014-0759
- cpe:2.3:a:schneider-electric:floating_license_manager:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:schneider-electric:floating_license_manager:1.4.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-0759
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 47 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-0759
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
References for CVE-2014-0759
-
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-015-01
Vendor Advisory
-
http://ics-cert.us-cert.gov/advisories/ICSA-14-058-01
Schneider Electric Floating License Manager Vulnerability | CISAUS Government Resource
Jump to