CVE-2015-3940

CVE-2015-3940

EPSS 0.5%

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02 http://www.securityfocus.com/bid/75297 http://www.securitytracker.com/id/1033179 http://www.securitytracker.com/id/1033180