Ivan Sanchez

**Name of the Vulnerable Software and Affected Versions** Opto 22 PAC Project Professional versions prior to R9.4006 Opto 22 PAC Project Basic versions prior to R9.4006 Opto 22 PAC Display Basic versions prior to R9.4f Opto 22 PAC Display Professional versions prior to R9.4f Opto 22 OptoOPCServer versions prior to R9.4c Opto 22 OptoDataLink versions prior to R9.4d and versions installed by PAC Project installer prior to R9.4006 **Description** A vulnerable file is susceptible to a heap-based buffer overflow condition that may allow remote code execution on the target system. **Recommendations** For Opto 22 PAC Project Professional versions prior to R9.4006, upgrade to version R9.4006 or later. For Opto 22 PAC Project Basic versions prior to R9.4006, upgrade to version R9.4006 or later. For Opto 22 PAC Display Basic versions prior to R9.4f, upgrade to version R9.4f or later. For Opto 22 PAC Display Professional versions prior to R9.4f, upgrade to version R9.4f or later. For Opto 22 OptoOPCServer versions prior to R9.4c, upgrade to version R9.4c or later. For Opto 22 OptoDataLink versions prior to R9.4d and versions installed by PAC Project installer prior to R9.4006, upgrade to version R9.4d or later and ensure the PAC Project installer is version R9.4006 or later.

**Name of the Vulnerable Software and Affected Versions** Opto 22 PAC Project Professional versions prior to R9.4008 PAC Project Basic versions prior to R9.4008 PAC Display Basic versions prior to R9.4g PAC Display Professional versions prior to R9.4g OptoOPCServer version R9.4c and prior OptoDataLink version R9.4d and prior **Description** A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution. **Recommendations** For Opto 22 PAC Project Professional versions prior to R9.4008, upgrade to version R9.4008 or later. For PAC Project Basic versions prior to R9.4008, upgrade to version R9.4008 or later. For PAC Display Basic versions prior to R9.4g, upgrade to version R9.4g or later. For PAC Display Professional versions prior to R9.4g, upgrade to version R9.4g or later. For OptoOPCServer version R9.4c and prior, upgrade to a version later than R9.4c. For OptoDataLink version R9.4d and prior, upgrade to a version later than R9.4d.

**Name of the Vulnerable Software and Affected Versions** ABB CP400 Panel Builder versions 2.0.7.05 and earlier **Description** The issue concerns a vulnerability in the file parser of the TextEditor 2.0, where the application fails to properly prevent the insertion of specially crafted files. This could potentially allow arbitrary code execution. **Recommendations** For ABB CP400 Panel Builder versions 2.0.7.05 and earlier, consider disabling the TextEditor 2.0 until a patch is available to prevent the insertion of specially crafted files.

**Name of the Vulnerable Software and Affected Versions** Connected Components Workbench versions 9.01.00 and earlier **Description** A DLL Hijack issue was discovered, potentially allowing an attacker to gain access to a victim's personal computer with the same or higher level of privileges as the compromised user account, including computer administrator privileges. **Recommendations** For Connected Components Workbench versions 9.01.00 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Rockwell Automation Integrated Architecture Builder (IAB) versions prior to 9.6.0.8 Rockwell Automation Integrated Architecture Builder (IAB) versions 9.7.x prior to 9.7.0.2 **Description** The issue is related to insufficient access control in the IAB.exe component, allowing remote attackers to execute arbitrary code via a crafted project file. This can be exploited by an attacker to gain unauthorized access and execute malicious code. **Recommendations** For versions prior to 9.6.0.8, update to version 9.6.0.8 or later. For versions 9.7.x prior to 9.7.0.2, update to version 9.7.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** ABB Panel Builder 800 version 5.1 **Description** The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory due to an untrusted search path vulnerability. **Recommendations** For ABB Panel Builder 800 version 5.1, consider restricting the execution of files from untrusted directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Open Automation OPC Systems.NET versions 8.00.0023 and earlier **Description** The issue allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability. **Recommendations** For versions 8.00.0023 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Wonderware System Platform versions prior to 2014 R2 Patch 01 **Description** The issue allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For versions prior to 2014 R2 Patch 01, update to 2014 R2 Patch 01 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** PACTware version 4.1 SP3 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by using a crafted file that triggers an internal error. **Recommendations** For PACTware version 4.1 SP3, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Elipse E3 versions 4.5.232 through 4.6.161 **Description** The issue allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, due to multiple untrusted search path vulnerabilities in EQATEC.Analytics.Monitor.Win32 vc100.dll and EQATEC.Analytics.Monitor.Win32 vc100-x64.dll. **Recommendations** For Elipse E3 versions 4.5.232 through 4.6.161, consider restricting access to the affected DLLs, EQATEC.Analytics.Monitor.Win32 vc100.dll and EQATEC.Analytics.Monitor.Win32 vc100-x64.dll, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2008 R2 SP1 Microsoft Windows 7 Gold Microsoft Windows 7 SP1 **Description** A vulnerability exists in the way Windows Mail and Windows Meeting Space handle the loading of DLL files, allowing for remote code execution. This could enable an attacker to gain complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights. The issue can be exploited by a local user via a Trojan horse DLL in the current working directory, for example, a directory containing a .eml or .wcinv file. **Recommendations** For Microsoft Windows Vista SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 R2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 R2 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 7 Gold, update to a newer version to mitigate the risk. For Microsoft Windows 7 SP1, update to a newer version to mitigate the risk.

Name of the Vulnerable Software and Affected Versions: MailBee WebMail Pro versions 3.4 and earlier MailBee WebMail Pro ASP versions prior to 3.4.64 WebMail Lite ASP versions prior to 4.0.11 WebMail Lite PHP versions prior to 4.0.22 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the `mode` parameter to "login.php" and the `mode2` parameter to "default.asp" in an advanced login mode. This can lead to cross-site scripting (XSS) attacks. Recommendations: For MailBee WebMail Pro versions 3.4 and earlier, update to a version later than 3.4. For MailBee WebMail Pro ASP versions prior to 3.4.64, update to version 3.4.64 or later. For WebMail Lite ASP versions prior to 4.0.11, update to version 4.0.11 or later. For WebMail Lite PHP versions prior to 4.0.22, update to version 4.0.22 or later. As a temporary workaround, consider restricting access to the "login.php" and "default.asp" files to minimize the risk of exploitation. Avoid using the `mode` and `mode2` parameters in the affected API endpoints until the issue is resolved.