First published: Mon Jul 15 2019(Updated: )
A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs inside the software installation, to execute arbitrary code in all versions of ProClima prior to version 8.0.0.
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Proclima | <8.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the Uncontrolled Search Path Element vulnerability in ProClima is CVE-2019-6825.
CVE-2019-6825 has a severity rating of 7.8 (high).
The affected software for CVE-2019-6825 is ProClima versions prior to 8.0.0.
CVE-2019-6825 belongs to the CWE category 427: Uncontrolled Search Path Element.
The Uncontrolled Search Path Element vulnerability in ProClima can be exploited by a malicious DLL file with the same name as resident DLLs inside the software installation, enabling arbitrary code execution.