{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T23:32:01.585","vulnerabilities":[{"cve":{"id":"CVE-2015-3940","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2015-08-04T01:59:00.107","lastModified":"2026-05-06T22:30:45.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."},{"lang":"es","value":"Vulnerabilidad de ruta de búsqueda no confiable en Schneider Electric Wonderware System Platform en versiones anteriores a 2014 R2 Patch 01, permite a usuarios locales obtener privilegios a través de un Troyano DLL en un directorio no especificado."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:wonderware_system_platform_2014:r2:*:*:*:*:*:*:*","matchCriteriaId":"5FEF5B2C-ABD0-4D5D-AC38-6D91DAD5AC4C"}]}]}],"references":[{"url":"http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf","source":"ics-cert@hq.dhs.gov","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/75297","source":"ics-cert@hq.dhs.gov"},{"url":"http://www.securitytracker.com/id/1033179","source":"ics-cert@hq.dhs.gov"},{"url":"http://www.securitytracker.com/id/1033180","source":"ics-cert@hq.dhs.gov"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/75297","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id/1033179","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id/1033180","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}