Awingsoft.Winds3d.Command.Execution
Description
This indicates an attack attempt against a command-execution vulnerability in the Awingsoft Awakening Winds3D Viewer plugin.
The vulnerability is caused by an error when the vulnerable software handles a malicious Winds3D scene. It allows a remote attacker to execute arbitrary command by enticing the user to visit a malicious website.
Affected Products
Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5
Impact
System compromise
Recommended Actions
Temporarily disable the affected plugin.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |