CVE-2018-7824

Name of the Vulnerable Software and Affected Versions Schneider Electric Modbus Serial Driver versions V3.17 IE 37 and prior Schneider Electric Modbus Serial Driver versions V2.17 IE 27 and prior Schneider Electric Modbus Serial Driver version V14.12 and prior

Description The issue is related to errors in processing hyperlinks, which could allow an attacker to overwrite files in the file system. This is due to an Externally Controlled Reference to a Resource, which could provide write access to system files or other important user files, but only for users with SYSTEM privilege.

Recommendations For versions V3.17 IE 37 and prior, update to a version later than V3.17 IE 37 to resolve the issue. For versions V2.17 IE 27 and prior, update to a version later than V2.17 IE 27 to resolve the issue. For version V14.12 and prior, update to a version later than V14.12 to resolve the issue.