CVE-2022-2334

HIGH Year: 2022
CVSS v3 Score
7.2
High
Weakness Type
CWE-427
View all →

Vulnerability Description

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.

Related Vulnerabilities

CVE-2017-5161

HIGH
CVSS:7.2(High)

An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path e...

CWE-4272017

CVE-2017-5170

HIGH
CVSS:7.2(High)

An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. An uncontrolled search path element (DLL Hijacking) vulnerability has bee...

CWE-4272017

CVE-2022-23050

HIGH
CVSS:7.2(High)

ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' func...

CWE-4272022

CVE-2023-40352

HIGH
CVSS:7.2(High)

McAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs.

CWE-4272023

CVE-2024-2637

HIGH
CVSS:7.2(High)

An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automat...

CWE-4272024

CVE-2015-1014

HIGH
CVSS:7.3(High)

A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expe...

CWE-4272015