Описание
OpenOrange Business Framework 1.15.5 provides unprivileged users with write access to the installation directory.
OpenOrange Business Framework 1.15.5 provides unprivileged users with write access to the installation directory.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-42048
- https://attack.mitre.org/techniques/T1574/001
- https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibrarya
- https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibraryexa
- https://docs.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-search-order
- https://landings.openorange.com/l/erp-peru-a.html
- https://raw.githubusercontent.com/securityadvisories/Security-Advisories/refs/heads/main/Advisories/Blaze%20Information%20Security%20-%20DLL%20Hijacking%20in%20OpenOrange%20Business%20Framework%20Allows%20Arbitrary%20Code%20Execution%20and%20Potential%20Privilege%20Escalation.txt
- https://resources.infosecinstitute.com/topic/dll-hijacking
- https://support.microsoft.com/en-us/topic/secure-loading-of-libraries-to-prevent-dll-preloading-attacks-d41303ec-0748-9211-f317-2edc819682e1
- https://www.openorange.com
Связанные уязвимости
CVSS3: 6.5
nvd
6 месяцев назад
OpenOrange Business Framework version 1.15.5 installs to a directory with overly permissive access control, allowing all authenticated users to write to the installation path. In combination with the application's behavior of loading DLLs from this location, this allows for DLL hijacking and may result in arbitrary code execution and privilege escalation.