Vulnerability CVE-2023-6061
Published: 2023-12-08   Modified: 2023-12-14

Description:
Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are:
* MMXFax.exe * winfax.dll




* MelSim2ComProc.exe
* Sim2ComProc.dll




* MMXCall_in.exe * libdxxmt.dll
* libsrlmt.dll

Type:

CWE-427

 (Uncontrolled Search Path Element)

Affected software
Iconics -> Iconics suite 

 References:
https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21
Copyright 2024, cxsecurity.com

 

Back to Top