CVE-2022-23448
Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local unprivileged attacker to achieve code execution with ADMINISTRATOR or even NT AUTHORITY/SYSTEM privileges.
Risk Information
- CVE ID
- CVE-2022-23448
- Vendor
- Siemens
- Product
- SIMATIC Energy Manager
- CVSS v3
- 7.3