A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.
Base Score: 6.8
Impact Score: 6.4
Exploitability Score: 8.6
cpe:2.3:a:schneider-electric:somachine_hvac:*:*:*:*:*:*:*:* versions up to 2.4.1 (inclusive)