CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6654 – DLL Hijacking
https://notcve.org/view.php?id=CVE-2020-6654
30 Sep 2020 — A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL. Una vulnerabilidad de secuestro de DLL en 9000x Programming and Configuration Software de Eaton v 2.0.38 y anteriores, permite a un atacante ejecutar código arbitrario al reemplazar las DLL requeridas por DLL maliciosas cuando el software intenta cargar... • https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/9000x-software-eaton-vulnerability-advisory.pdf • CWE-426: Untrusted Search Path CWE-427: Uncontrolled Search Path Element •