Vulnerability Details : CVE-2021-34606
A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and sufficient file-write privileges. If exploited, the attacker could place a malicious DLL file on the system, that when running XINJE XD/E Series PLC Program Tool will allow the attacker to execute arbitrary code with the privileges of another user's account.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2021-34606
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less