CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-6033

A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in the search path.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-090-01
http://www.securityfocus.com/bid/97389
https://ics-cert.us-cert.gov/advisories/ICSA-17-094-01
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-090-01
http://www.securityfocus.com/bid/97389
https://ics-cert.us-cert.gov/advisories/ICSA-17-094-01

Products affected by CVE-2017-6033

Schneider-Electric » Interactive Graphical Scada System » Version: 10.0

cpe:2.3:a:schneider-electric:interactive_graphical_scada_system:10.0
Schneider-Electric » Interactive Graphical Scada System » Version: 12.0

cpe:2.3:a:schneider-electric:interactive_graphical_scada_system:12.0
Schneider-Electric » Interactive Graphical Scada System » Version: 9.0

cpe:2.3:a:schneider-electric:interactive_graphical_scada_system:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6033

Products

Pricing

Contact Us