UCanCode.E-XD.Visualization.UCCSIMPLE.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a Remote Code Execution vulnerability in UCanCode E-XD++ Visualization Enterprise Suite.
The vulnerability is due to improper handling of pointer references by UCCSIMPLE.UCCSIMPLECtrl.1 Control (UCCSimple.ocx). An attacker may provide a pointer to a specially crafted object which allows execution of arbitrary code, in the context of the Internet Explorer renderer process.

affected-products-logoAffected Products

UCanCode E-XD++ Visualization Enterprise Suite Versions 25.01 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-07-12 25.599 Default_action:pass:drop
2023-07-04 24.593