CVE-2015-3940

CVE-2015-3940

EPSS 0.5%

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02 http://www.securityfocus.com/bid/75297 http://www.securitytracker.com/id/1033179 http://www.securitytracker.com/id/1033180