Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02
http://www.securitytracker.com/id/1033180
http://www.securitytracker.com/id/1033179
http://www.securityfocus.com/bid/75297
http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf