PT-2018-12745 · Fuji Electric · Fuji Electric Energy Savings Estimator

Karn Ganeshen

Published

2018-10-24

Updated

2019-10-09

CVE-2018-14812

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior

Description An uncontrolled search path element, also known as DLL Hijacking, issue has been identified. This could allow an attacker to gain access to the system with the same level of privilege as the application using the malicious DLL.

Recommendations For Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior, update to a version that contains a fix for this issue, as using a vulnerable version may pose a significant risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

CVE-2018-14812

Affected Products

Fuji Electric Energy Savings Estimator

PT-2018-12745 · Fuji Electric · Fuji Electric Energy Savings Estimator

CVE-2018-14812

Weakness Enumeration

Related Identifiers

Affected Products

References · 4