CWE:
 

Tytuł
Data
Autor
Med.
Progea Movicon 11.5.1181 Search Path Issues
01.11.2017
Karn Ganeshen
Med.
ArcServe UDP - Download Manager/Setup - DLL Hijacking
06.09.2016
sh4d0wman
High
ArcServe UDP - Unquoted Service Path Privilege Escalation
06.09.2016
sh4d0wman
Med.
Corel Software DLL Hijacking
14.01.2015
CORE
Med.
Karotz Smart Rabbit 12.07.19.00 Hijacking & Cleartext Token
02.08.2013
Daniel Crowley


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2020-06-11
Medium
CVE-2020-11613

Vendor: Mids\' reborn hero designer project
Software: Mids\' rebor...
 

 
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can replace binaries or plant malicious DLLs to obtain elevated, or different, privileges, depending on the context of the user that runs the application.

 
2020-06-10
Medium
CVE-2020-7585

Vendor: Siemens
Software: Simatic pcs 7
 

 
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC PDM (All versions), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF1). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.

 
Medium
CVE-2019-3613

Vendor: Mcafee
Software: Agent
 

 
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.

 
2020-06-09
Medium
CVE-2020-9858

Vendor: Apple
Software: Windows migr...
 

 
A dynamic library loading issue was addressed with improved path searching. This issue is fixed in Windows Migration Assistant 2.2.0.0 (v. 1A11). Running the installer in an untrusted directory may result in arbitrary code execution.

 
2020-05-28
Low
CVE-2020-5357

Updating...
 

 
Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.

 
2020-05-21
Medium
CVE-2020-12431

Vendor: Splashtop
Software: Software updater
 

 
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with resultant DLL hijacking. This product is bundled with Splashtop Streamer (before 3.3.8.0) and Splashtop Business (before 3.3.8.0).

 
2020-05-16
Medium
CVE-2020-13110

Vendor: Kerberos project
Software: Kerberos
 

 
The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search.

 
2020-05-14
Medium
CVE-2020-10616

Vendor: Opto22
Software: Softpac project
 

 
Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts.

 
Medium
CVE-2020-10626

Vendor: Fazecast
Software: Jserialcomm
 

 
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code.

 
2020-05-12
Medium
CVE-2020-6244

Vendor: SAP
Software: Business client
 

 
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the application.

 

 


Copyright 2020, cxsecurity.com

 

Back to Top