CVE-2015-6478

Published: Nov 13, 2015Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.

Affected (1)

Products: Unitronics: Visilogic Oplc Ide

Unitronics

1 product

Visilogic Oplc Ide

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Unitronics Visilogic Oplc Ide	Up to 9.8.0.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (14)

http://www.securityfocus.com/bid/77571

Source: ics-cert@hq.dhs.gov

http://www.zerodayinitiative.com/advisories/ZDI-15-573

Source: ics-cert@hq.dhs.gov

http://www.zerodayinitiative.com/advisories/ZDI-15-577

Source: ics-cert@hq.dhs.gov

http://www.zerodayinitiative.com/advisories/ZDI-15-578

Source: ics-cert@hq.dhs.gov

http://www.zerodayinitiative.com/advisories/ZDI-15-579

Source: ics-cert@hq.dhs.gov

http://www.zerodayinitiative.com/advisories/ZDI-15-580

Source: ics-cert@hq.dhs.gov

https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02

Source: ics-cert@hq.dhs.gov

PatchThird Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/77571