Claroty Security Advisory
CWE-732: Local Privilege Escalation Through Incorrect Permission Assignment for Critical Resource
Due to improper permissions configuration, any authenticated user on the server may write directly to the Scada directory. This may allow privilege escalation.
Rapid Software did not respond to CISA’s attempts at coordination. Users of Rapid SCADA are encouraged to contact Rapid Software and keep their systems up to date.