Vulnerability Headline
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Quisque porttitor lacinia laoreet. Nunc interdum nunc libero, nec lobortis ipsum sagittis tincidunt.
CVE-2019-6834
DESERIALIZATION OF UNTRUSTED DATA CWE-502
A vulnerability exists which could allow an attacker to execute arbitrary code on the targeted system with SYSTEM privileges when placing a malicious file at a certain location on the filesystem. By default, this folder location requires the malicious user to be authenticated for this vulnerability to be successfully exploited.
Risk Information
- CVE ID
- CVE-2019-6834
- Vendor
- Schneider Electric
- Product
- Software Update (SESU)
- CVSS v3
- 7.3