cvedb.io
CVE-2021-34606
HIGH · CVSS 7.3
EPSS exploitation probability: 0%
Published 2022-05-11T15:15:08.420 · Last modified 2026-06-17T03:56:13.420

Summary

A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and sufficient file-write privileges. If exploited, the attacker could place a malicious DLL file on the system, that when running XINJE XD/E Series PLC Program Tool will allow the attacker to execute arbitrary code with the privileges of another user's account.

Affected products

xinje — xd\/e_series_plc_program_tool

Does this affect you?

Add your gear to cvedb and we'll alert you only when xinje ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.