Vulnerabilities > CVE-2011-4053 - Unspecified vulnerability in 7T Igss

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

critical

NVD

Published: 2012-01-19

Updated: 2012-01-23

Summary

Untrusted search path vulnerability in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) before 9.0.0.11291 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

Vulnerable Configurations

Part	Description	Count
Application	7T 7T Igss 2.0 7T Igss 3.0 7T Igss 4.1 7T Igss 5.0 7T Igss 5.1 7T Igss 6 7T Igss 7 7T Igss 8 7T Igss 9 7T Igss 9.0.0.11129 7T Igss *	11

References

http://www.us-cert.gov/control_systems/pdf/ICSA-11-353-01.pdf