Lucene search

[email protected]NVD:CVE-2017-14029

HistoryNov 06, 2017 - 10:29 p.m.

CVE-2017-14029

2017-11-0622:29:00

CWE-427

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

27.8%

JSON

An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files placed on the target machine.

Affected configurations

Nvd

Node

trihedralvtscadaRange≤11.3.03

VendorProductVersionCPE
trihedralvtscada*cpe:2.3:a:trihedral:vtscada:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
trihedral	vtscada	*	cpe:2.3:a:trihedral:vtscada::::::::

References

ics-cert.us-cert.gov/advisories/ICSA-17-304-02

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

27.8%

JSON

Related for NVD:CVE-2017-14029

cvelist1 cve1 prion1 ics1