PT-2023-5571 · Siemens · Siemens Software Center

CVE-2021-41544

·

Publicado

2023-08-08

·

Atualizado

2023-08-15

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Siemens Software Center versions prior to V3.0
Description A DLL Hijacking issue could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path. This is related to an uncontrolled search path element. Exploitation may enable an attacker to run arbitrary code with increased privileges using a specially crafted dll file.
Recommendations For versions prior to V3.0, update to version V3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to directories on the DLL search path to minimize the risk of exploitation.

Correção

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

BDU:2023-06222
CVE-2021-41544

Produtos afetados

Siemens Software Center