CVE-2017-16690

7.8HIGH

Key Information:

Vendor
SAP
Status
SAP Plant Connectivity
Vendor
CVE Published:
12 December 2017

Summary

A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed.

Affected Version(s)

SAP Plant Connectivity 2.3; 15.0

References

http://www.securityfocus.com/bid/102145
vdb-entryx_refsource_BID
https://blogs.sap.com/2017/12/12/sap-security-patch-day-d...
x_refsource_CONFIRM
https://launchpad.support.sap.com/#/notes/2529480
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.