CVE-2017-14020

{"id": "CVE-2017-14020", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2017-11-13T20:29:00.257", "references": [{"url": "http://www.securityfocus.com/bid/101780", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-313-01", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "http://www.securityfocus.com/bid/101780", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-313-01", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-427"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number EA-PGMSW) Versions 4.20.01.0 and prior; Do-more Designer Software (Part Number DM-PGMSW) Versions 2.0.3 and prior; GS Drives Configuration Software (Part Number GSOFT) Versions 4.0.6 and prior; SL-SOFT SOLO Temperature Controller Configuration Software (Part Number SL-SOFT) Versions 1.1.0.5 and prior; and DirectSOFT Programming Software Versions 6.1 and prior, an uncontrolled search path element (DLL Hijacking) vulnerability has been identified. To exploit this vulnerability, an attacker could rename a malicious DLL to meet the criteria of the application, and the application would not verify that the DLL is correct. Once loaded by the application, the DLL could run malicious code at the privilege level of the application."}, {"lang": "es", "value": "En AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) en versiones 2.10 y anteriores; C-More Programming Software (Part Number EA9-PGMSW) en versiones 6.30 y anteriores; C-More Micro (Part Number EA-PGMSW) en versiones 4.20.01.0 y anteriores; Do-more Designer Software (Part Number DM-PGMSW) en versiones 2.0.3 y anteriores; GS Drives Configuration Software (Part Number GSOFT) en versiones 4.0.6 y anteriores; SL-SOFT SOLO Temperature Controller Configuration Software (Part Number SL-SOFT) en versiones 1.1.0.5 y anteriores y DirectSOFT Programming Software en versiones 6.1 y anteriores, se ha identificado una vulnerabilidad de elemento de ruta de b\u00fasqueda no controlado (secuestro de DLL). Para explotar esta vulnerabilidad, un atacante podr\u00eda renombrar un DLL malicioso para cumplir los criterios de la aplicaci\u00f3n y esta no verificar\u00eda que el DLL es correcto. Una vez es cargado por la aplicaci\u00f3n, el DLL podr\u00eda ejecutar c\u00f3digo malicioso al nivel de privilegios de la aplicaci\u00f3n."}], "lastModified": "2024-11-21T03:11:58.590", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:click_plc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17150C6A-62A1-46BE-BBC2-4FDE9C2C7FE3", "versionEndIncluding": "2.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:click_plc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1C1B2940-104B-4ED2-B8DD-2B35A427A624"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:c-more_plc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE0EACAD-45F4-41C6-A931-AB663F9B3820", "versionEndIncluding": "6.30"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:c-more_plc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "396C2928-5895-40CC-BCF2-3B8D607B34BA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:c-more_micro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD7929CC-AE1E-461E-AD6D-EF3BD50E6AE5", "versionEndIncluding": "4.20.01.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:c-more_micro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DAE71D4F-EC67-4567-8BCB-653931016C99"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:gs_drives_fimware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A615B38E-7FA3-4DD6-8544-8002C13615C1", "versionEndIncluding": "4.0.6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:gs_drives:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CCEE1F6B-325F-414B-884D-8781D1F53B9C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:sl-soft_solo_temperature_controller_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC734917-5626-4917-B16E-737650077234", "versionEndIncluding": "1.1.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:sl-soft_solo_temperature_controller:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D1849FB-D169-4610-A246-5DC6BC063234"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}