{"containers":{"cna":{"affected":[{"product":"Opto 22 SoftPAC Project","vendor":"n/a","versions":[{"status":"affected","version":"SoftPAC Project Version 9.6 and prior"}]}],"descriptions":[{"lang":"en","value":"Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-427","description":"UNCONTROLLED SEARCH PATH ELEMENT CWE-427","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-05-14T20:36:36.000Z","orgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","shortName":"icscert"},"references":[{"tags":["x_refsource_MISC"],"url":"https://www.us-cert.gov/ics/advisories/icsa-20-135-01"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","ID":"CVE-2020-10616","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Opto 22 SoftPAC Project","version":{"version_data":[{"version_value":"SoftPAC Project Version 9.6 and prior"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"UNCONTROLLED SEARCH PATH ELEMENT CWE-427"}]}]},"references":{"reference_data":[{"name":"https://www.us-cert.gov/ics/advisories/icsa-20-135-01","refsource":"MISC","url":"https://www.us-cert.gov/ics/advisories/icsa-20-135-01"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T11:06:10.160Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.us-cert.gov/ics/advisories/icsa-20-135-01"}]}]},"cveMetadata":{"assignerOrgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","assignerShortName":"icscert","cveId":"CVE-2020-10616","datePublished":"2020-05-14T20:36:36.000Z","dateReserved":"2020-03-16T00:00:00.000Z","dateUpdated":"2024-08-04T11:06:10.160Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}