Description
Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions.
Published: 2026-02-10
Score: 4.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Untrusted DLL replacement allowing unauthorized code execution
Action: Update software
AI Analysis

Impact

The vulnerability allows an attacker who has compromised the installation host to replace the legitimate Enervista UR Setup DLL with a malicious file. This hijacked DLL can be executed by the installation software, giving the attacker the ability to run arbitrary code with the privileges of the service under which the UR Setup runs. The flaw is a classic DLL hijacking issue (CWE‑35), leading to unauthorized code execution.

Affected Systems

The affected product is GE Vernova Enervista UR Setup, version 8.6 and earlier, running on Windows operating systems. Users of those versions are at risk if the installation folder is writable by unauthenticated or low‑privileged local users.

Risk and Exploitability

The CVSS score is 4.6, indicating moderate severity, while the EPSS score is less than 1 %, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local compromise of the host machine; an attacker would need to gain sufficient privileges to write to the installation directory. Given the low probability of exploitation and the fact that the flaw requires a pre‑existing local compromise, the overall risk is moderate but should be mitigated promptly through patching or other controls.

Generated by OpenCVE AI on April 17, 2026 at 20:27 UTC.

Remediation

Vendor Solution

The EnerVista URPC installation software versions prior to 8.70, used an incorrect method of loading the DLL (dynamic Link Library) file by referencing it relative to the location of the installation folder. If the system in which the software is installed gets compromised, an attacker could exploit this weakness and replace the legitimate DLL with a malicious file. The EnerVista UR Setup software installation has been upgraded to address this vulnerability.

Vendor Workaround

As a workaround, GE Vernova recommends having secure infrastructure in place, which can protect the system. We also recommend that customers protect their digital devices using a defense-in-depth strategy. This includes, but is not limited to, placing digital devices inside the control system network security perimeter, access controls, robust network monitoring (such as Intrusion Detection System) and other mitigation techniques in place. Please refer to the product secure deployment guide. It is essential for organizations to prioritize cybersecurity measures, including regular vulnerability assessments and prompt application of security patches.

OpenCVE Recommended Actions

  • Apply the latest EnerVista URPC installation software (8.70 or later) to eliminate the DLL reference flaw.
  • Replace any existing Enervista UR Setup DLL files with the verified, vendor‑provided binary from the new installation package.
  • Harden the physical and logical perimeter of the Enervista system by placing it inside the control‑system network security zone and enforcing strict access controls.
  • Deploy and maintain intrusion detection and comprehensive network monitoring to detect anomalous DLL replacement attempts.

Generated by OpenCVE AI on April 17, 2026 at 20:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 04 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
References

Wed, 04 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
References

Fri, 27 Feb 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-35
References

Wed, 11 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Ge Vernova
Ge Vernova enervista
Vendors & Products Ge Vernova
Ge Vernova enervista

Tue, 10 Feb 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 10 Feb 2026 20:15:00 +0000

Type Values Removed Values Added
Description Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions.
Title Enervista UR Setup DLL Hijacking
References
Metrics cvssV3_1

{'score': 4.6, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N'}

Subscriptions

Ge Vernova Enervista
cve-icon MITRE

Status: PUBLISHED

Assigner: GE_Vernova

Published:

Updated: 2026-03-04T18:40:04.425Z

Reserved: 2026-02-02T14:36:45.715Z

Link: CVE-2026-1763

cve-icon Vulnrichment

Updated: 2026-02-10T20:29:39.156Z

cve-icon NVD

Status : Deferred

Published: 2026-02-10T20:16:53.073

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-1763

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T20:30:15Z

Weaknesses