CVE-2019-18996

Published at:
2019-12-18T21:15:13.507
Source: [email protected]

Global infos:

Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorLOCAL
    Availability ImpactLOW
    Base Score7.1
    Base SeverityHIGH
    Confidentiality ImpactNONE
    Integrity ImpactHIGH
    Privileges RequiredNONE
    ScopeCHANGED
    User InteractionREQUIRED
    Vector StringCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L
    Exploitability Score1.8
    Impact Score4.7
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords