CVE-2017-9961
N/A
N/A
Summary
A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. By placing a specific DLL/OCX file, an attacker is able to force the process to load arbitrary DLL and execute arbitrary code in the context of the process.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric SE | ProFace GP-Pro EX | version 4.07.000 | affected |
Weaknesses
- Arbitrary Code Execution
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/100114
- http://www.schneider-electric.com/en/download/document/SEVD-2017-195-01/
References
- http://www.securityfocus.com/bid/100114
- http://www.schneider-electric.com/en/download/document/SEVD-2017-195-01/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.