PT-2020-2064 · Schneider Electric · Vijeo Designer Basic+1

Published: 2020-04-14 · Updated: 2022-01-31 · CVE-2020-7490

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Vijeo Designer Basic versions V1.1 HotFix 15 and prior
Vijeo Designer versions V6.9 SP9 and prior

Description

A vulnerability exists in the software related to untrusted search paths, which could allow an attacker to execute arbitrary code on the system when a malicious DLL library is loaded. This issue is associated with errors in checking the path of loaded dynamic libraries.

Recommendations

For Vijeo Designer Basic versions V1.1 HotFix 15 and prior, update to a version later than V1.1 HotFix 15 to resolve the issue.
For Vijeo Designer versions V6.9 SP9 and prior, update to a version later than V6.9 SP9 to resolve the issue.
As a temporary workaround, consider restricting the loading of external DLL libraries to minimize the risk of exploitation.

Fix

Untrusted Search Path


Weakness Enumeration

Related Identifiers

BDU:2020-01898
CVE-2020-7490

Affected Products

Vijeo Designer
Vijeo Designer Basic