What is CVE-2017-12699?

CVE-2017-12699 is a high-severity vulnerability in Azeotech Daqfactory, classified under Incorrect Default Permissions. CVSS score: 7.1/10. Published 2017-09-09.

How severe is CVE-2017-12699?

High severity. CVSS v3 base score is 7.1 out of 10.

Vulnerability in Azeotech Daqfactory

CVE-2017-12699

An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. Local, non-administrative users may be able to replace or modify original application files with malicious ones.

EPSS: 0.001 (20.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.

Affected products

Azeotech Daqfactory
N/a Azeotech Daqfactory — versions AzeoTech DAQFactory

Weakness classification (CWE)

CWE-276 — Incorrect Default Permissions

References

ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)

Frequently asked questions

What is CVE-2017-12699?: CVE-2017-12699 is a high-severity vulnerability in Azeotech Daqfactory, classified under Incorrect Default Permissions. CVSS score: 7.1/10. Published 2017-09-09.
How severe is CVE-2017-12699?: High severity. CVSS v3 base score is 7.1 out of 10.