Vulnerability Details CVE-2017-10850
Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
Products affected by CVE-2017-10850
-
cpe:2.3:a:fujifilm:apeosport-vi:c2271
-
cpe:2.3:a:fujifilm:apeosport-vi:c3371
-
cpe:2.3:a:fujifilm:apeosport-vi:c4471
-
cpe:2.3:a:fujifilm:apeosport-vi:c5571
-
cpe:2.3:a:fujifilm:apeosport-vi:c6671
-
cpe:2.3:a:fujifilm:apeosport-vi:c7771
-
cpe:2.3:a:fujifilm:docucentre-vi:c2271
-
cpe:2.3:a:fujifilm:docucentre-vi:c3371
-
cpe:2.3:a:fujifilm:docucentre-vi:c4471
-
cpe:2.3:a:fujifilm:docucentre-vi:c5571
-
cpe:2.3:a:fujifilm:docucentre-vi:c6671
-
cpe:2.3:a:fujifilm:docucentre-vi:c7771