Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are:
* MMXFax.exe * winfax.dll
* MelSim2ComProc.exe
* Sim2ComProc.dll
* MMXCall_in.exe * libdxxmt.dll
* libsrlmt.dll
References
Link | Resource |
---|---|
https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21 | Exploit Third Party Advisory |
Configurations
History
12 Dec 2023, 22:24
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-427 CWE-426 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:a:iconics:iconics_suite:*:*:*:*:*:*:*:* | |
References | () https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21 - Exploit, Third Party Advisory | |
First Time |
Iconics
Iconics iconics Suite |
08 Dec 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-08 00:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-6061
Mitre link : CVE-2023-6061
CVE.ORG link : CVE-2023-6061
JSON object : View
Products Affected
iconics
- iconics_suite