- Description
- The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI component SetTrustedZone Policy vulnerability."
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:iconics:bizviz:9.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B4F2D10-A4DD-4C7C-A5A8-BEDC23A413C2"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:9.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CDD1388-8FBF-4B3E-854E-B68D3EB6569B"
}
],
"operator": "OR"
}
]
}
]