Lucene search
IcscertCVE-2024-1595HistoryFeb 29, 2024 - 8:15 p.m.
CVE-2024-1595
2024-02-2920:15:41
CWE-427
icscert
web.nvd.nist.gov
60
cve-2024-1595
delta electronics
cncsoft-b
dopsoft
dll hijacking
nvd
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
28.8%
Delta Electronics CNCSoft-B DOPSoft prior to v4.0.0.82
insecurely loads libraries, which may allow an attacker to use DLL hijacking and take over the system where the software is installed.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "CNCSoft-B v1.0.0.4 DOPSoft",
"vendor": "Delta Electronics",
"versions": [
{
"lessThan": "v4.0.0.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
zdi
zdi
prion
prion
Code injection
2024-02-29 20:15:00
cvelist
cvelist
nvd
nvd
CVE-2024-1595
2024-02-29 20:15:41
ics
ics
Delta Electronics CNCSoft-B DOPSoft
2024-02-22 12:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
28.8%
Related for CVE-2024-1595