Schneider Electric Interactive Graphical SCADA DLL Loading Remote Code Execution Vulnerability



Schneider Electric Interactive Graphical SCADA System Software is prone to a remote code-execution vulnerability.

A remote attacker can leverage this issue to execute arbitrary code in the context of the affected system.

Schneider Electric Interactive Graphical SCADA System Software version 12 and prior are vulnerable.

Information

Bugtraq ID: 97389
Class: Design Error
CVE: CVE-2017-6033

Remote: Yes
Local: No
Published: Apr 05 2017 12:00AM
Credit: Karn Ganeshen
Vulnerable: Schneider-Electric Interactive Graphical SCADA System Software 12


Not Vulnerable:

Exploit


Attackers must trick a user into opening a file on a remote WebDAV or SMB share to exploit this issue.


Related Posts

Comments