CVE-2018-14812 Vulnerability Details

  /     /     /  

CVE-2018-14812 Metadata Quick Info

CVE Published: 24/10/2018 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: icscert | Vendor: Fuji Electric | Product: Energy Savings Estimator
Status : PUBLISHED

---

CVE-2018-14812 Description

An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-427
CWE Name: UNCONTROLLED SEARCH PATH ELEMENT CWE-427
Source: Fuji Electric

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).