exploitDog

CVE-2013-2817

Опубликовано: 24 фев. 2014

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.

Ссылки

http://ics-cert.us-cert.gov/advisories/ICSA-14-051-02
US Government Resource
http://www.meau.com/eprise/main/sites/public/Products/Software/-MC_Works
Patch
Vendor Advisory
http://ics-cert.us-cert.gov/advisories/ICSA-14-051-02
US Government Resource
http://www.meau.com/eprise/main/sites/public/Products/Software/-MC_Works
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mitsubishielectric:mc-worx_suite:*:*:*:*:*:*:*:*

Версия до 8.02 (включая)

EPSS

Процентиль: 97%

0.35786

Средний

9.3 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-8xqw-6q3f-w3jp

github

больше 3 лет назад

An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.

EPSS

Процентиль: 97%

0.35786

Средний

9.3 Critical

CVSS2

Дефекты

CWE-94