CVE-2020-6654
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Eaton | 9000x Programming and Configuration Software | unspecified <= 2.0.38 | affected |
Weaknesses
- CWE-427: CWE-427 Uncontrolled Search Path Element
- CWE-426: CWE-426 Untrusted Search Path
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.