CVE-2017-12728

28 Oct 2017

[ICS] SpiderControl SCADA Web Server Improper Privilege Management Vulnerability

Vendor: SpiderControl
Equipment: SCADA Web Server
Vulnerability: Improper Privilege Management

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-250-01

CVE-ID
CVE-2017-12728

AFFECTED PRODUCTS

The following versions of SCADA Web Server, a software management platform, are affected:
SCADA Web Server Version 2.02.0007 and prior.

IMPACT
Successful exploitation of this vulnerability could allow authenticated system users to escalate their privileges under certain conditions.

Read on for details.

Read more