DLL Hijacking Vulnerability in Schneider Electric's SoMachine HVAC Software
CVE-2017-7966
8.8HIGH
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 7 June 2017
What is CVE-2017-7966?
A DLL hijacking vulnerability exists in Schneider Electric's SoMachine HVAC v2.1.0 software, allowing an attacker to manipulate the loading of Dynamic Link Libraries (DLLs). This flaw can enable unauthorized remote code execution, potentially compromising the security and functionality of the affected system. Proper patching and security practices are essential to mitigate this risk.
Affected Version(s)
SoMachine HVAC Programming Software v2.1.0 for Modicon M171/M172 Controllers