Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are:
* MMXFax.exe * winfax.dll
* MelSim2ComProc.exe
* Sim2ComProc.dll
* MMXCall_in.exe * libdxxmt.dll
* libsrlmt.dll
References
Link | Resource |
---|---|
https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: palo_alto
Published: 2023-12-07T23:21:22.755Z
Updated: 2023-12-07T23:46:17.446Z
Reserved: 2023-11-09T18:55:45.555Z
Link: CVE-2023-6061
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-08T00:15:07.853
Modified: 2023-12-12T22:24:14.313
Link: CVE-2023-6061
JSON object: View
Redhat Information
No data.