CVE-2023-28870

2023-12-0900:00:00

mitre

www.cve.org

file permissions

support assistant

configuration files

attackers

low-privileged user accounts

6.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%

JSON

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts.

References

herolab.usd.de/en/security-advisories/usd-2022-0004/