Unrated severityNVD Advisory· Published Dec 6, 2024· Updated Dec 6, 2024
Open Automation Software Incorrect Execution-Assigned Permissions
CVE-2024-11220
Description
A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.