Unrated severityNVD Advisory· Published Jul 26, 2012· Updated Apr 29, 2026
CVE-2012-3005
CVE-2012-3005
Description
Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/SCADA, InBatch, and Wonderware Historian, allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
Affected products
14cpe:2.3:a:invensys:foxboro_control_software:3.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:invensys:foxboro_control_software:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:invensys:foxboro_control_software:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:invensys:infusion_ce\/fe\/scada:*:*:*:*:*:*:*:*Range: <=2.5
cpe:2.3:a:invensys:intouch\/wonderware_application_server:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:invensys:intouch\/wonderware_application_server:*:*:*:*:*:*:*:*range: <=2012
- cpe:2.3:a:invensys:intouch\/wonderware_application_server:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:invensys:intouch\/wonderware_application_server:10.5:*:*:*:*:*:*:*
cpe:2.3:a:invensys:wonderware_historian:10.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:invensys:wonderware_historian:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:invensys:wonderware_historian:*:sp1:*:*:*:*:*:*range: <=10.0
cpe:2.3:a:invensys:wonderware_information_server:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:invensys:wonderware_information_server:*:*:*:*:*:*:*:*range: <=4.5
- cpe:2.3:a:invensys:wonderware_information_server:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:invensys:wonderware_information_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.us-cert.gov/control_systems/pdf/ICSA-12-177-02.pdfnvdUS Government Resource
News mentions
0No linked articles in our index yet.