PT-2017-15280 · Mlit · Mlit Denshiseikabutsusakuseishienkensa System
Published
2017-07-07
·
Updated
2017-07-20
·
CVE-2017-2231
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
MLIT DenshiSeikabutsuSakuseiShienKensa system versions 3.02 and earlier
Description
The issue concerns an untrusted search path vulnerability in the installer of the MLIT DenshiSeikabutsuSakuseiShienKensa system. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Recommendations
For MLIT DenshiSeikabutsuSakuseiShienKensa system versions 3.02 and earlier, consider restricting access to the installer until a patch is available. As a temporary workaround, avoid using the self-extracting archive including the installer to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mlit Denshiseikabutsusakuseishienkensa System