exploitDog

CVE-2023-45252

Опубликовано: 01 дек. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.

Ссылки

https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253/
Exploit
Third Party Advisory
https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:huddly:huddlycameraservice:*:*:*:*:*:*:*:*

Версия до 8.0.7 (исключая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00049

Низкий

7.8 High

CVSS3

Дефекты

CWE-427

Связанные уязвимости

GHSA-25fc-rfx9-4jjq

CVSS3: 7.8

github

около 2 лет назад

DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.

EPSS

Процентиль: 15%

0.00049

Низкий

7.8 High

CVSS3

Дефекты

CWE-427