How severe is CVE-2023-28399?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2023-28399?

This is classified as CWE-732, which is a common weakness in software security.

CVE-2023-28399 - HIGH Severity | CVSS 7.8

Vulnerability Description

Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not appropriately set to the local folder where the affected product is installed, therefore a wide range of privileges is permitted to a user of the PC where the affected product is installed. As a result, the user may be able to destroy the system and/or execute a malicious program.

Related Vulnerabilities

CVE-2007-5544

HIGH

CVSS:7.8(High)

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC,...

CWE-7322007

CVE-2008-0322

HIGH

CVSS:7.8(High)

The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the "\\.\I2OExc" device interface, which allows local users to gain privileges. N...

CWE-7322008

CVE-2008-0662

HIGH

CVSS:7.8(High)

The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control p...

CWE-7322008

CVE-2009-0115

HIGH

CVSS:7.8(High)

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating system...

CWE-7322009

CVE-2009-3289

HIGH

CVSS:7.8(High)

The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demons...

CWE-7322009

CVE-2009-3482

HIGH

CVSS:7.8(High)

TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGRAMFILES%, which allows local users to gain privileges by rep...

CWE-7322009