Siemens Solid Edge WPHelper ActiveX Control OpenInEditor Method Arbitrary Command Execution
High Nessus Plugin ID 66840
SynopsisThe remote host has an ActiveX control that is affected by a command execution vulnerability.
DescriptionThe remote host has the Siemens Solid Edge WebPartHelper ActiveX control installed. This control is affected by a command execution vulnerability. By tricking a user into opening a specially crafted web page, an attacker could potentially execute arbitrary system commands via the 'OpenInEditor()' method.
SolutionDisable the WebPartHelper ActiveX control.