CVE-2014-9207

Untrusted search path vulnerability in CmnView.exe in CIMON CmnView 2.14.0.1 and 3.x before UltimateAccess 3.02 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
cimoncmnview
𝑥
≤ 2.14.0.1
cimonultimateaccess
𝑥
≤ 3.01
cimonultimateaccess
3.00
𝑥
= Vulnerable software versions
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-069-01
https://ics-cert.us-cert.gov/advisories/ICSA-15-069-01