[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] Schneider Electric CitectSCADA Insecure DLL Loading Code Execution Vulnerability

To: fulldisclosure@xxxxxxxxxxxx
Subject: Re: [FD] Schneider Electric CitectSCADA Insecure DLL Loading Code Execution Vulnerability
From: "W Gillespie" <wgillespie+fulldiscolosure@xxxxxxxxxx>
Date: Tue, 8 Sep 2015 02:50:06 -0600 (MDT)

If I can write a file to "C:\Program Files", I already have administrative 
access to the machine.
http://blogs.msdn.com/b/oldnewthing/archive/2012/12/07/10375415.aspx

-----Original Message-----
From: "Praveen D" <praveend.hac@xxxxxxxxx>
Sent: Friday, September 4, 2015 6:41am
To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] Schneider Electric CitectSCADA Insecure DLL Loading Code 
Execution Vulnerability

Create a malicious DLL and rename as anyone of the below DLL's.
<snip>
located at
C:\Program Files\Schneider Electric\CitectSCADA 7.40\Bin\

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

References:
- [FD] Schneider Electric CitectSCADA Insecure DLL Loading Code Execution Vulnerability
  - From: Praveen D

Prev by Date: [FD] Nokia Solutions and Networks @vantage - Multiple Reflected XSS
Next by Date: [FD] Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability
Previous by thread: [FD] Schneider Electric CitectSCADA Insecure DLL Loading Code Execution Vulnerability
Next by thread: [FD] Advantech WebAccess 8.0, 3.4.3 multiple Remote Code Execution Vulnerabilities
Index(es):
- Date
- Thread