CVE-2018-7815

Name of the Vulnerable Software and Affected Versions Eurotherm by Schneider Electric GUIcon version V2.0 (Gold Build 683.0)

Description The issue is related to a type confusion error in the 3core.dll library of the GUIcon software, which can be exploited by a remote attacker to execute code during the parsing of a GD1 file. This type of error is classified as a Type Confusion vulnerability.

Recommendations For Eurotherm by Schneider Electric GUIcon version V2.0 (Gold Build 683.0), consider restricting access to the c3core.dll library until a patch is available, and avoid parsing untrusted GD1 files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.