Risk Summary
Successful exploitation of this vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code.
CVEs (1)
Remediations
- Fazecast recommends users update jSerialComm to Version 2.3 or later. The upgrade can be downloaded from the Fazecast website.
- Schneider Electric recommends users upgrade EcoStruxure IT Gateway to Version 1.8.1 or later. The upgrade can be downloaded from the Schneider Electric website.
Affected Vendors
Fazecast
Affected Products (2)
Fazecast
·
jSerialComm
<= 2.2.2
Fazecast
·
EcoStruxure IT Gateway
1.5.x | 1.6.x | 1.7.x
Affected Sectors
Critical Manufacturing, Information Technology
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more