Privilege Escalation Vulnerability in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software

Privilege Escalation Vulnerability in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software

CVE-2020-7547 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level.

Learn more about our Web App Pen Testing.