Описание
Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for Windows that could allow attackers with local access to execute arbitrary code by executing the installer in the same folder as the malicious DLL. This can lead to the execution of arbitrary code with the privileges of the vulnerable application or obtain a certain level of persistence on the compromised host.
Ссылки
- Broken Link
- Third Party Advisory
- Broken Link
Уязвимые конфигурации
EPSS
7.3 High
CVSS3
7.8 High
CVSS3
Дефекты
Связанные уязвимости
Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for Windows that could allow attackers with local access to execute arbitrary code by executing the installer in the same folder as the malicious DLL. This can lead to the execution of arbitrary code with the privileges of the vulnerable application or obtain a certain level of persistence on the compromised host.
Уязвимость установщика программного средства защиты данных на USB-накопителях SanDisk SecureAccess, позволяющая нарушителю выполнить произвольный код
EPSS
7.3 High
CVSS3
7.8 High
CVSS3