CVE-2012-3005

Name of the Vulnerable Software and Affected Versions Invensys Wonderware InTouch versions 2012 and earlier

Description The issue allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability.

Recommendations For Invensys Wonderware InTouch versions 2012 and earlier, consider restricting access to sensitive directories to minimize the risk of exploitation. As a temporary workaround, monitor the system for any suspicious DLL files in unspecified directories. At the moment, there is no information about a newer version that contains a fix for this vulnerability.