CVE-2015-3940
Schneider Electric Wonderware System Platform <2014 R2 Patch 01 - P...
Title source: llmDescription
Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033179
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033180
Patch, Vendor Advisory x_refsource_confirm
http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75297
Scores
EPSS
0.0005
EPSS Percentile
15.0%
Details
CWE
CWE-22
Status
published
Products (1)
schneider-electric/wonderware_system_platform_2014
r2
Published
Aug 04, 2015
Tracked Since
Feb 18, 2026