CVE-2017-7968: An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation…

An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a new directory and two files, which are placed in the system's path and can be manipulated by non-administrators. This could allow an authenticated user to escalate his or her privileges.