Design/Logic Flaw

2015-08-0401:59:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.5%

JSON

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

CPENameOperatorVersion
wonderware_system_platform_2014eq2.0.114

CPE	Name	Operator	Version
	wonderware_system_platform_2014	eq	2.0.114

References

iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf

www.securityfocus.com/bid/75297

www.securitytracker.com/id/1033179

www.securitytracker.com/id/1033180

ics-cert.us-cert.gov/advisories/ICSA-15-169-02