High severity7.0NVD Advisory· Published Aug 25, 2017· Updated Jun 17, 2026
CVE-2017-9644
CVE-2017-9644
Description
An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An unquoted search path vulnerability may allow a non-privileged local attacker to change files in the installation directory and execute arbitrary code with elevated privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:automatedlogic:i-vu:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:automatedlogic:i-vu:*:*:*:*:*:*:*:*range: <=5.2
- (no CPE)range: <=6.5
cpe:2.3:a:automatedlogic:sitescan_web:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:automatedlogic:sitescan_web:*:*:*:*:*:*:*:*range: <=5.2
- (no CPE)range: <=6.5
- Range: <=6.5
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/100454nvdThird Party AdvisoryVDB Entry
- ics-cert.us-cert.gov/advisories/ICSA-17-234-01nvdMitigationThird Party AdvisoryUS Government Resource
- www.exploit-db.com/exploits/42542/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.