Progea: >> Movicon >> 11.4 Security Vulnerabilities
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-10-19
TCPUploader module listens on Port 10651/TCP for incoming connections.
Exploitation of this vulnerability could allow a remote unauthenticated
user access to release OS version information. While this is a minor
vulnerability, it represents a method for further network
reconnaissance.
CVSS Score
4.3
EPSS Score
0.006
Published
2014-04-19