Moxa updated software to mitigate an uncontrolled search path element vulnerability in its SoftNVR-IA Live Viewer product, according to a report from ICS-CERT.
SoftNVR-IA Live Viewer, video surveillance software designed for industrial automation systems, suffers from the issue in Version 3.30.3122 and prior versions.
Successful exploitation of this vulnerability, discovered by independent security researcher Karn Ganeshen, may allow an attacker to execute code from a malicious DLL on the affected system with the same privileges as the application that loaded the malicious DLL.
No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable. A high skill level is needed to exploit it.
There is an uncontrolled search path element (DLL Hijacking) vulnerability. To exploit this vulnerability, an attacker could rename a malicious DLL to meet the criteria of the application, and the application would not verify that the DLL is correct.
The attacker would need to have administrative access to the default install location in order to plant the insecure DLL. Once loaded by the application, the DLL could run malicious code at the privilege level of the application.
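A compensating check for the gap described above (the application does not verify the DLL it loads), as an added example that is not Moxa's or ICS-CERT's code: it records SHA-256 hashes of the DLLs under an install directory after a trusted install and later reports any that were added, changed or removed. The directory layout and file names are constructed for the demo.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(install_dir):
    """Map lower-cased relative path -> SHA-256 for every DLL under install_dir."""
    root = Path(install_dir)
    hashes = {}
    for path in root.rglob("*"):
        # Windows file names are case-insensitive, so normalise before comparing.
        if path.is_file() and path.suffix.lower() == ".dll":
            rel = path.relative_to(root).as_posix().lower()
            hashes[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return hashes


def compare(baseline, current):
    """Report DLLs that appeared, changed content, or disappeared since baseline."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "changed": sorted(n for n in common if baseline[n] != current[n]),
        "removed": sorted(baseline.keys() - current.keys()),
    }


def demo():
    """Run the check against a constructed install directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "plugins").mkdir()
        (root / "codec.dll").write_bytes(b"vendor build A")            # constructed
        (root / "plugins" / "Render.DLL").write_bytes(b"vendor build B")
        baseline = snapshot(root)  # taken right after a trusted install

        # Constructed drift: one DLL replaced, one unexpected DLL present.
        (root / "codec.dll").write_bytes(b"different bytes")
        (root / "extra.dll").write_bytes(b"not in the baseline")
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The baseline must be stored somewhere an administrator of the monitored host cannot rewrite, since the page notes that planting the DLL requires administrative access to the install location.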
CVE-2017-5170 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.2.
The product sees action in the critical manufacturing, energy, and transportation systems sectors. It also sees use on a global basis.
Taiwan-based Moxa provided software update Version 3.4 for SoftNVR-IA Live Viewer, which fixes this vulnerability.