CVE-2023-6061

CVSS V2 None CVSS V3 None

Description

Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are: * MMXFax.exe * winfax.dll * MelSim2ComProc.exe * Sim2ComProc.dll * MMXCall_in.exe * libdxxmt.dll * libsrlmt.dll

Overview

CVE ID
CVE-2023-6061

Assigner
palo_alto

Vulnerability Status
PUBLISHED

Published Version
2023-12-07T23:21:22.755Z

Last Modified Date
2023-12-07T23:46:17.446Z

Weakness Enumerations

CWE	URL
CWE-427	http://cwe.mitre.org/data/definitions/427.html
CWE-426	http://cwe.mitre.org/data/definitions/426.html

References

Reference URL	Reference Tags
https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-6061
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6061

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 07:12:47				Added to TrackCVE