Two vulnerabilities in AzeoTech DAQFactory
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-12699 CVE-2017-5147 |
| CWE-ID | CWE-276 CWE-426 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
DAQFactory Client/Desktop applications / Other client software |
| Vendor | AzeoTech |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Incorrect default permissions
EUVDB-ID: #VU8034
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12699
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists due to incorrect default permissions. A local attacker can bypass security restrictions and replace or modify original application files with malicious ones.
Update to version 17.1.
DAQFactory: 3.0 - 16.3
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-17-241-01
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Insecure DLL loading
EUVDB-ID: #VU8035
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-5147
CWE-ID:
CWE-426 - Untrusted Search Path
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to untrusted search path element. A local attacker can load a specially crafted .dll file, gain root access and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Update to version 17.1.
DAQFactory: 3.0 - 16.3
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-17-241-01
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
