CVE-2018-7239

A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior…

schneider·CWE-426·Published 2018-03-09

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

203 chars

A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code.

NVDen

203 chars

NVDes

244 chars

Existe una vulnerabilidad de secuestro de DLL en SoMove Software de Schneider Electric y en los componentes de software DTM asociados, en todas las versiones anteriores a la 2.6.2. Esto podría permitir que un atacante ejecute código arbitrario.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H