CVE-2021-22817 is a vulnerability in Schneider Electric Vijeo Designer
Published on February 9, 2022

A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)

NVD

Weakness Type

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

Products Associated with CVE-2021-22817

Want to know whenever a new CVE is published for Schneider Electric Vijeo Designer? stack.watch will email you.

Schneider Electric Vijeo Designer

Exploit Probability

EPSS

0.04%

Percentile

11.78%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-22817 is a vulnerability in Schneider Electric Vijeo DesignerPublished on February 9, 2022

Weakness Type

Incorrect Default Permissions

Products Associated with CVE-2021-22817

Exploit Probability

CVE-2021-22817 is a vulnerability in Schneider Electric Vijeo Designer
Published on February 9, 2022