CVE-2023-6061 Information

Description

Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are: MMXFax.exe winfax.dll

MelSim2ComProc.exe
Sim2ComProc.dll




MMXCall_in.exe    libdxxmt.dll
libsrlmt.dll

Reference

https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21