CVE-2019-6834

DESERIALIZATION OF UNTRUSTED DATA CWE-502
A vulnerability exists which could allow an attacker to execute arbitrary code on the targeted system with SYSTEM privileges when placing a malicious file at a certain location on the filesystem. By default, this folder location requires the malicious user to be authenticated for this vulnerability to be successfully exploited.

Risk Information

  • CVE ID
  • CVE-2019-6834
  • Vendor
  • Schneider Electric
  • Product
  • Software Update (SESU)
  • CVSS v3
  • 7.3