Vulnerabilities > Eaton > 9000X Programming AND Configuration Software > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-30	CVE-2020-6654	Uncontrolled Search Path Element vulnerability in Eaton 9000X Programming and Configuration Software A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL. local eaton CWE-427	4.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.