exploitDog

CVE-2017-6051

Опубликовано: 08 мая 2017

Источник: nvd

CVSS3: 7

CVSS2: 5.1

EPSS Низкий

Описание

An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

Ссылки

http://www.securityfocus.com/bid/98031
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-115-01
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/98031
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-115-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blftech:visualview_hmi:*:*:*:*:*:*:*:*

Версия до 9.9.14.0 (включая)

EPSS

Процентиль: 49%

0.00257

Низкий

7 High

CVSS3

5.1 Medium

CVSS2

Дефекты

CWE-427

CWE-427

Связанные уязвимости

GHSA-w4rw-g4m2-64c5

CVSS3: 7

github

больше 3 лет назад

An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

EPSS

Процентиль: 49%

0.00257

Низкий

7 High

CVSS3

5.1 Medium

CVSS2

Дефекты

CWE-427

CWE-427