CVE-2018-7799

A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an…

schneider·CWE-427·Published 2018-11-02

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

225 chars

A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when placing a specific DLL file.

NVDen

225 chars

NVDes

265 chars

Existe una vulnerabilidad de secuestro de DLL en Schneider Electric Software Update (SESU), en todas las versiones anteriores a la V2.2.0, lo que podría permitir que un atacante ejecutar código arbitrario en el sistema objetivo al colocar un archivo DLL específico.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	9.3	8.6	10.0	AV:N/AC:M/Au:N/C:C/I:C/A:C
3.0	Primary	NVD	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H