Описание
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.
Ссылки
- Third Party Advisory
- ProductVendor Advisory
- Third Party Advisory
- ProductVendor Advisory
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
Связанные уязвимости
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.
EPSS
7.8 High
CVSS3
4.4 Medium
CVSS2