Описание
An uncontrolled search path element vulnerability has been found in the Duet Display product, affecting version 2.5.9.1. An attacker could place an arbitrary libusk.dll file in the C:\Users\user\AppData\Local\Microsoft\WindowsApps\ directory, which could lead to the execution and persistence of arbitrary code.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:duetdisplay:duet_display:2.5.9.1:*:*:*:*:windows:*:*
EPSS
Процентиль: 28%
0.00102
Низкий
7.8 High
CVSS3
Дефекты
CWE-427
Связанные уязвимости
CVSS3: 7.8
github
около 2 лет назад
An uncontrolled search path element vulnerability has been found in the Duet Display product, affecting version 2.5.9.1. An attacker could place an arbitrary libusk.dll file in the C:\Users\user\AppData\Local\Microsoft\WindowsApps\ directory, which could lead to the execution and persistence of arbitrary code.
EPSS
Процентиль: 28%
0.00102
Низкий
7.8 High
CVSS3
Дефекты
CWE-427