The uncontrolled search path element vulnerability allows an attacker to load and execute a malicious file from the ux32w.dll in third-party component Sentinel UltraPro.
Load and execute malicious file
InduSoft Web Studio versions prior to v8.1 SP3
InTouch Edge HMI versions prior to 2017 Update 3
Vendor recommends that users upgrade to the latest versions located the following links.
InduSoft Web Studio v8.1 SP3
InTouch Edge HMI 2017 Update 3