This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
An application running on the remote host is affected by an arbitrary
code execution vulnerability.
The remote host is running a version of Siemens SIMATIC ProSave prior
to version 13 Service Pack 1. It is, therefore, affected by an
arbitrary code execution vulnerability due to searching insufficiently
qualified paths when loading specific files and libraries. A local
attacker can exploit this with a specially crafted application file
which loads before the legitimate version, resulting in the execution
of arbitrary code under the privileges of the current user.
See also :
Upgrade to Siemens SIMATIC ProSave version 13 Service Pack 1
(1300.100.2201.15) or later.
Risk factor :
Medium / CVSS Base Score : 6.9