Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for SAP Plant Connectivity by SAP

    CVE-2017-16690 (GCVE-0-2017-16690)

    Vulnerability from nvd – Published: 2017-12-12 14:00 – Updated: 2024-09-16 19:50
    VLAI
    Summary
    A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed.
    Severity
    No CVSS data available.
    CWE
    • DLL preload attack
    Assigner
    sap
    References
    Impacted products
    Vendor Product Version
    SAP SAP Plant Connectivity Affected: 2.3; 15.0
    Create a notification for this product.
    Date Public
    2017-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:35:19.928Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102145",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102145"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.support.sap.com/#/notes/2529480"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SAP Plant Connectivity",
              "vendor": "SAP",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.3; 15.0"
                }
              ]
            }
          ],
          "datePublic": "2017-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "DLL preload attack",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-13T10:57:01.000Z",
            "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
            "shortName": "sap"
          },
          "references": [
            {
              "name": "102145",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102145"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.support.sap.com/#/notes/2529480"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cna@sap.com",
              "DATE_PUBLIC": "2017-12-12T00:00:00",
              "ID": "CVE-2017-16690",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SAP Plant Connectivity",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.3; 15.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "SAP"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "DLL preload attack"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102145",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102145"
                },
                {
                  "name": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/",
                  "refsource": "CONFIRM",
                  "url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
                },
                {
                  "name": "https://launchpad.support.sap.com/#/notes/2529480",
                  "refsource": "CONFIRM",
                  "url": "https://launchpad.support.sap.com/#/notes/2529480"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "assignerShortName": "sap",
        "cveId": "CVE-2017-16690",
        "datePublished": "2017-12-12T14:00:00.000Z",
        "dateReserved": "2017-11-09T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:50:53.945Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-16690 (GCVE-0-2017-16690)

    Vulnerability from cvelistv5 – Published: 2017-12-12 14:00 – Updated: 2024-09-16 19:50
    VLAI
    Summary
    A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed.
    Severity
    No CVSS data available.
    CWE
    • DLL preload attack
    Assigner
    sap
    References
    Impacted products
    Vendor Product Version
    SAP SAP Plant Connectivity Affected: 2.3; 15.0
    Create a notification for this product.
    Date Public
    2017-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:35:19.928Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102145",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102145"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.support.sap.com/#/notes/2529480"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SAP Plant Connectivity",
              "vendor": "SAP",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.3; 15.0"
                }
              ]
            }
          ],
          "datePublic": "2017-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "DLL preload attack",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-13T10:57:01.000Z",
            "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
            "shortName": "sap"
          },
          "references": [
            {
              "name": "102145",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102145"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.support.sap.com/#/notes/2529480"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cna@sap.com",
              "DATE_PUBLIC": "2017-12-12T00:00:00",
              "ID": "CVE-2017-16690",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SAP Plant Connectivity",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.3; 15.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "SAP"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "DLL preload attack"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102145",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102145"
                },
                {
                  "name": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/",
                  "refsource": "CONFIRM",
                  "url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
                },
                {
                  "name": "https://launchpad.support.sap.com/#/notes/2529480",
                  "refsource": "CONFIRM",
                  "url": "https://launchpad.support.sap.com/#/notes/2529480"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "assignerShortName": "sap",
        "cveId": "CVE-2017-16690",
        "datePublished": "2017-12-12T14:00:00.000Z",
        "dateReserved": "2017-11-09T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:50:53.945Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }