CVE-2017-6051

HIGH

Blftech Visualview Hmi < 9.9.14.0 - Uncontrolled Search Path

Title source: rule

Description

An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98031

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-17-115-01

Scores

CVSS v3 7.0

EPSS 0.0026

EPSS Percentile 48.8%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status draft

Affected Products (1)

blftech/visualview_hmi < 9.9.14.0

Timeline

Published May 08, 2017

Tracked Since Feb 18, 2026