PT-2023-5571 · Siemens · Siemens Software Center
CVE-2021-41544
·
Publicado
2023-08-08
·
Atualizado
2023-08-15
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Siemens Software Center versions prior to V3.0
Description
A DLL Hijacking issue could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path. This is related to an uncontrolled search path element. Exploitation may enable an attacker to run arbitrary code with increased privileges using a specially crafted dll file.
Recommendations
For versions prior to V3.0, update to version V3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to directories on the DLL search path to minimize the risk of exploitation.
Correção
Uncontrolled Search Path Element
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Siemens Software Center