Arbitrary code execution in Solar Controls WATTConfig M Software

Published: 2017-08-10 00:00:00 | Updated: 2017-08-15 10:40:05
Severity Low
Patch available NO
Number of vulnerabilities 1
CVSSv2 6.1 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:U/RC:C)
CVSSv3 7.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE ID CVE-2017-9648
CWE ID CWE-426
Exploitation vector Local
Public exploit Not available
Vulnerable software WATTConfig M Software
Vulnerable software versions WATTConfig M Software 2.5.10.1
WATTConfig M Software 2.5
WATTConfig M Software 2.4
Show more
Vendor URL Solar Controls
Advisory type Public

Security Advisory

1) Insecure DLL loading

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to untrusted search path element. A local attacker can load a specially crafted .dll file, gain root access and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-222-02

Back to List