First published: Thu May 14 2020(Updated: )
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Fazecast jSerialComm | <=2.2.2 | |
Schneider-electric Ecostruxure It Gateway | >=1.5.0.66<=1.5.2.28 | |
Schneider-electric Ecostruxure It Gateway | >=1.6.0.39<=1.6.2.14 | |
Schneider-electric Ecostruxure It Gateway | =1.7.0.64 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.