{
  "affected": [
    {
      "database_specific": {
        "unresolved_ranges": [
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.07.000"
              }
            ]
          }
        ]
      }
    }
  ],
  "details": "A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. By placing a specific DLL/OCX file, an attacker is able to force the process to load arbitrary DLL and execute arbitrary code in the context of the process.",
  "id": "CVE-2017-9961",
  "modified": "2026-03-14T13:49:49.822359570Z",
  "published": "2017-09-26T01:29:04.007Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-195-01/"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.securityfocus.com/bid/100114"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}