Vulnerability Details CVE-2017-2286
Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
Products affected by CVE-2017-2286
-
cpe:2.3:h:sony:rc-s310/ed4c:-
-
cpe:2.3:h:sony:rc-s310/j1c:-
-
cpe:2.3:h:sony:rc-s310:-
-
cpe:2.3:h:sony:rc-s320:-
-
cpe:2.3:h:sony:rc-s330:-
-
cpe:2.3:h:sony:rc-s370:-
-
cpe:2.3:h:sony:rc-s380/s:-
-
cpe:2.3:h:sony:rc-s380:-
-
cpe:2.3:o:sony:nfc_net_installer:1.1.0.0
-
cpe:2.3:o:sony:nfc_port_firmware:5.3.6.7
-
cpe:2.3:o:sony:nfc_port_firmware:5.5.0.6
-
cpe:2.3:o:sony:pc/sc_activator_for_type_b:1.2.1.0
-
cpe:2.3:o:sony:sfcard_viewer_2:2.5.0.0