This writeup describes an elevation of privilege (EoP) vulnerability in InstantHMI 6.1 due to incorrect default permissions on the installation directory, allowing authenticated users to replace binaries or plant malicious DLLs for privilege escalation.
Classification
Writeup 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target:InstantHMI 6.1
Auth required
Prerequisites:Authenticated user access to the system · Default installation of InstantHMI 6.1