DLL Hijacking Vulnerability in AutomationDirect Programming Software and Related Products
CVE-2017-14020

7.8HIGH

Key Information:

Vendor: Automationdirect
Status: Click Programming Software (part Number C0-pgmsw); C-more Programming Software (part Number Ea9-pgmsw); C-more Micro (part Number Ea-pgmsw); Do-more Designer Software (part Number Dm-pgmsw)
Vendor: CVE Published:; 13 November 2017

What is CVE-2017-14020?

An uncontrolled search path element vulnerability exists in various AutomationDirect programming software, including the CLICK, C-More, and DirectSOFT products. Attackers can exploit this vulnerability by renaming a malicious Dynamic Link Library (DLL) to match the expected criteria of the application. The application fails to validate the integrity of the loaded DLL, allowing the execution of arbitrary code with the same privileges as the application. This could lead to unauthorized actions and data breaches, emphasizing the need for prompt remediation and security best practices.

Affected Version(s)

C-More Micro (Part Number EA-PGMSW) 4.20.01.0 and prior

C-More Programming Software (Part Number EA9-PGMSW) 6.30 and prior

CLICK Programming Software (Part Number C0-PGMSW) 2.10 and prior

References

http://www.securityfocus.com/bid/101780

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-17-313-01

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 13, 2017
Vulnerability Reserved
Aug 30, 2017

Automationdirect

What is CVE-2017-14020?

Affected Version(s)

References

CVSS V3.1

Timeline