CVE-2018-8714

Published: May 17, 2018Modified: Nov 21, 2024

6.1

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Exploitability: 1.8 / Impact: 4.2

Source: NVD

Description

Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users to transfer arbitrary files from a host computer and consequently obtain sensitive information via vectors related to MSXML libraries.

Affected (1)

Products: Honeywell: Matrikonopc Explorer

Honeywell

1 product

Matrikonopc Explorer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Honeywell Matrikonopc Explorer	Before 5.1.0.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.securityfocus.com/bid/104157

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-18-130-01

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

https://www.opcsupport.com/s/article/SECURITY-NOTIFICATION-OPC-Explorer-SN-2017-04-27-01

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/104157

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-18-130-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://www.opcsupport.com/s/article/SECURITY-NOTIFICATION-OPC-Explorer-SN-2017-04-27-01

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.