Ecava IntegraXor < 4.2.4488 Privilege Escalation
Medium Nessus Plugin ID 82698
SynopsisA SCADA application installed on the remote Windows host is affected by a privilege escalation vulnerability.
DescriptionThe version of Ecava IntegraXor SCADA Server installed on the remote Windows host is prior to version 4.2.4488. It is, therefore, affected by a privilege escalation vulnerability due to using an insecure path when loading DLL files. A local attacker with administrative access to the default installation location can exploit this flaw to plant a malicious DLL file containing code that can then be run with the privileges of the application.
SolutionUpgrade to version 4.2.4488 or later.