CVE-2015-0990

Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
ecavaintegraxor
𝑥
≤ 4.1.4450
𝑥
= Vulnerable software versions
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-090-02
https://ics-cert.us-cert.gov/advisories/ICSA-15-090-02