CVE-2017-6051

HIGH

BLF-Tech VisualView HMI <= 9.9.14.0 - Uncontrolled Search Path Element

Title source: llm
STIX 2.1

Description

An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-115-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/98031

Scores

CVSS v3 7.0
EPSS 0.0136
EPSS Percentile 68.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-427
Status published
Products (2)
blftech/visualview_hmi < 9.9.14.0
n/a/BLF-Tech LLC VisualView HMI BLF-Tech LLC VisualView HMI
Published May 08, 2017
Tracked Since Feb 18, 2026