CVE-2022-23448

Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local unprivileged attacker to achieve code execution with ADMINISTRATOR or even NT AUTHORITY/SYSTEM privileges.

Risk Information

  • CVE ID
  • CVE-2022-23448
  • Vendor
  • Siemens
  • Product
  • SIMATIC Energy Manager
  • CVSS v3
  • 7.3