exploitDog

CVE-2017-9661

Опубликовано: 14 авг. 2017

Источник: nvd

CVSS3: 7

CVSS2: 5.1

EPSS Низкий

Описание

An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to place a malicious DLL file within the search path resulting in execution of arbitrary code.

Ссылки

http://www.securityfocus.com/bid/100263
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-222-01
Mitigation
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/100263
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-222-01
Mitigation
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simplight:scada:*:*:*:*:*:*:*:*

Версия до 4.3.0.27 (включая)

EPSS

Процентиль: 49%

0.00262

Низкий

7 High

CVSS3

5.1 Medium

CVSS2

Дефекты

CWE-427

Связанные уязвимости

GHSA-w2xr-v554-cf87

CVSS3: 7

github

больше 3 лет назад

An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to place a malicious DLL file within the search path resulting in execution of arbitrary code.

EPSS

Процентиль: 49%

0.00262

Низкий

7 High

CVSS3

5.1 Medium

CVSS2

Дефекты

CWE-427