An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their malicious version to gain initial access and code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ptc kepware kepserverex |
||
ptc thingworx kepware server |
||
ptc thingworx industrial connectivity |