CVE-2014-9207

EUVD-2014-9032
Untrusted search path vulnerability in CmnView.exe in CIMON CmnView 2.14.0.1 and 3.x before UltimateAccess 3.02 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
cimoncmnview
𝑥
≤ 2.14.0.1
cimonultimateaccess
𝑥
≤ 3.01
cimonultimateaccess
3.00
𝑥
= Vulnerable software versions
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-069-01
https://ics-cert.us-cert.gov/advisories/ICSA-15-069-01