{"vulnerability": "CVE-2021-38410", "sightings": [{"uuid": "de341149-cfb6-4ee4-af7b-fc6df48e041e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38410", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12259", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-38410\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path.\n\ud83d\udccf Published: 2022-07-27T20:23:04.000Z\n\ud83d\udccf Modified: 2025-04-17T15:49:43.702Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-21-252-01\n2. https://www.aveva.com/en/support-and-success/cyber-security-updates/", "creation_timestamp": "2025-04-17T15:57:39.000000Z"}, {"uuid": "933e4639-c637-444b-9d8e-9ab5e5536726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38410", "type": "seen", "source": "https://t.me/cibsecurity/47127", "content": "\u203c CVE-2021-38410 \u203c\n\nAVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-28T00:36:39.000000Z"}]}