CVE-2017-14029
published 2017-11-06CVE-2017-14029: An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files…
PriorityP334high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
0.93%
56.1th percentile
An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files placed on the target machine.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trihedral | vtscada | <= 11.3.03 | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Trihedral Engineering Limited VTScada
cisa_ics·2017-10-31
Trihedral Engineering Limited VTScada
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Trihedral Engineering Limited VTScada
Last RevisedOctober 31, 2017
Alert CodeICSA-17-304-02
## CVSS v3 7.8
ATTENTION: Low skill level to exploit.
Vendor: Trihedral Engineering Limited
Equipment: VTScada
Vulnerabilities: Improper Access Control, Uncontrolled Search Path Element
## AFFECTED PRODUCTS
Trihedral Engineering Limited reports that the vulnerability affects the following versions of the VTScada HMI and SCADA software:
- VTScada 11.3.03 and prior.
## IMPACT
Successful exploitation of these vulnerabilities may allow execution of arbitrary code.
## MITIGATION
Trih
GHSA
GHSA-93hw-xc5x-9vwp: An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11
ghsa_unreviewed·2022-05-13
CVE-2017-14029 [HIGH] CWE-427 GHSA-93hw-xc5x-9vwp: An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11
An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files placed on the target machine.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-11-06
Published