High severity7.8NVD Advisory· Published Aug 14, 2017· Updated May 13, 2026

CVE-2017-9646

Description

An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader (HCDownloader) Version 1.0.1.15 and prior. An uncontrolled search path element has been identified, which could allow an attacker to execute arbitrary code on a target system using a malicious DLL file.

Affected products

Solarcontrols/Heating Control Downloader
cpe:2.3:a:solarcontrols:heating_control_downloader:*:*:*:*:*:*:*:*
Range: <=1.0.1.15

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100261nvdThird Party AdvisoryVDB Entry
ics-cert.us-cert.gov/advisories/ICSA-17-222-02nvdMitigationThird Party AdvisoryUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000