In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.

Related CVEs

CVE-2020-24676

Key Information

GHSA ID

GHSA-fwv4-f9xf-wp89

Published

May 24, 2022 5:37 PM

Last Modified

May 24, 2022 5:37 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 27, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.