Описание
Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application directory as the portable IP Helper application.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.00.0008 (включая)
cpe:2.3:a:bosch:ip_helper:*:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-427
CWE-427
Связанные уязвимости
github
больше 3 лет назад
Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application directory as the portable IP Helper application.
EPSS
Процентиль: 19%
0.00061
Низкий
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-427
CWE-427