exploitDog

CVE-2017-7966

Опубликовано: 07 июн. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

A DLL Hijacking vulnerability in the programming software in Schneider Electric's SoMachine HVAC v2.1.0 allows a remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to the improper loading of a DLL.

Ссылки

http://www.schneider-electric.com/en/download/document/SEVD-2017-125-02/
Vendor Advisory
http://www.securityfocus.com/bid/98446
Third Party Advisory
VDB Entry
http://www.schneider-electric.com/en/download/document/SEVD-2017-125-02/
Vendor Advisory
http://www.securityfocus.com/bid/98446
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:schneider-electric:somachine:2.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00975

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-427

Связанные уязвимости

GHSA-7hr2-2p6f-7h25

CVSS3: 8.8

github

больше 3 лет назад

A DLL Hijacking vulnerability in the programming software in Schneider Electric's SoMachine HVAC v2.1.0 allows a remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to the improper loading of a DLL.

EPSS

Процентиль: 76%

0.00975

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-427