CVE-2022-27578

HIGH

Sick Overall Equipment Effectiveness - Privilege Escalation

Title source: rule

Description

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content.

References (1)

[Vendor Advisory] https://sick.com/psirt

Scores

CVSS v3 7.8

EPSS 0.0006

EPSS Percentile 17.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-250

Status published

Products (1)

sick/overall_equipment_effectiveness 0.5.1

Published Apr 11, 2022

Tracked Since Feb 18, 2026