CVE-2011-4044

ARC Informatique PcVue 6.0-10.0 FrontVue and PlantVue - Arbitrary File Write via SVUIGrd.ocx ActiveX Control

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2011-4044. PoCs published by Metasploit, Luigi Auriemma, including Metasploit module exploits/windows/browser/pcvue_func.

AI-analyzed exploit summary This Metasploit module exploits a function pointer control vulnerability in SVUIGrd.ocx of PcVue 10.0 by overwriting a function pointer via SaveObject() or LoadObject() to achieve arbitrary code execution.

Description

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/17975

View Code ZIP pw:eip

This Metasploit module exploits a function pointer control vulnerability in SVUIGrd.ocx of PcVue 10.0 by overwriting a function pointer via SaveObject() or LoadObject() to achieve arbitrary code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PcVue 10.0 (SVUIGrd.ocx v1.5.1.0)

No auth needed

Prerequisites: Target must be using Internet Explorer 6 or 7 · Target must have PcVue 10.0 installed

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WRITEUP

doswindows

https://www.exploit-db.com/exploits/17896

View Code ZIP pw:eip

The document provides a detailed technical analysis of multiple vulnerabilities in PcVue SCADA software, including code execution, memory corruption, and array overflow issues in specific ActiveX components (SVUIGrd.ocx and aipgctl.ocx). It includes disassembly snippets and exploitation details but does not contain functional exploit code.

Classification

Writeup 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: PcVue <= 10.0, SVUIGrd.ocx <= 1.5.1.0, aipgctl.ocx <= 1.07.3702

No auth needed

Prerequisites: Access to a vulnerable version of PcVue or the affected ActiveX components

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

metasploit WORKING POC NORMAL

by Luigi Auriemma · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/pcvue_func.rb

View Code ZIP pw:eip

This Metasploit module exploits a function pointer control vulnerability in PcVue 10.0's SVUIGrd.ocx via the SaveObject() method, allowing arbitrary code execution through a crafted HTML page targeting Internet Explorer 6/7.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PcVue 10.0 (SVUIGrd.ocx v1.5.1.0)

No auth needed

Prerequisites: Victim must visit a malicious webpage using Internet Explorer 6 or 7 · PcVue 10.0 with vulnerable SVUIGrd.ocx must be installed

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

US Government Resource x_refsource_misc

http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf

Vendor Advisory x_refsource_confirm

http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257

Various Sources x_refsource_confirm

https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440

Scores

EPSS 0.2673

EPSS Percentile 97.8%

Details

Status published

Products (6)

arcinfo/frontvue

arcinfo/pcvue 6.0

arcinfo/pcvue 8.2

arcinfo/pcvue 9.0

arcinfo/pcvue 10.0

arcinfo/plantvue

Published Apr 03, 2012

Tracked Since Feb 18, 2026