Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-8702

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-09 Jun, 2021 | 18:47
Updated At-04 Aug, 2024 | 10:03
Rejected At-
Credits

Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:09 Jun, 2021 | 18:47
Updated At:04 Aug, 2024 | 10:03
Rejected At:
▼CVE Numbering Authority (CNA)

Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) Processor Diagnostic Tool
Versions
Affected
  • before version 4.1.5.37
Problem Types
TypeCWE IDDescription
textN/Aescalation of privilege
Type: text
CWE ID: N/A
Description: escalation of privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html
x_refsource_MISC
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html
x_refsource_MISC
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:09 Jun, 2021 | 19:15
Updated At:22 Jun, 2021 | 21:09

Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary2.04.4MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.4
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Intel Corporation
intel
>>processor_diagnostic_tool>>Versions before 4.1.5.37(exclusive)
cpe:2.3:a:intel:processor_diagnostic_tool:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-427Primarynvd@nist.gov
CWE ID: CWE-427
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

366Records found
CVE-2023-28740
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.05%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-15 Oct, 2024 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsquickassist_technology_libraryquickassist_technologyquickassist_technology_firmwareIntel(R) QAT drivers for Windows - HW Version 2.0qat_drivers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-35769
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-computing_improvement_programIntel(R) CIP softwarecomputing_improvement_program
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-36493
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.72%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) SDK for OpenCL(TM) Applications software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-software_development_kit_for_openclIntel(R) SDK for OpenCL(TM) Applications softwarefield_programmable_gate_array_software_development_kit_for_opencl
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-34430
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-30 Aug, 2024 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-battery_life_diagnostic_toolIntel Battery Life Diagnostic Tool software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-35060
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Battery Life Diagnostic Tool software before version 2.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-battery_life_diagnostic_toolIntel(R) Battery Life Diagnostic Tool softwarebattery_life_diagnostic_tool
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-35192
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 32.22%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzers_frameworkIntel(R) GPA Framework softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-34350
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 23.06%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-extreme_tuning_utilityIntel(R) XTU software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-14600
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.49%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:33
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the installer for Intel(R) SNMP Subagent Stand-Alone for Windows* may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-snmp_subagent_stand-aloneIntel(R) SNMP Subagent Stand-Alone for Windows*
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-27298
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.27% / 49.89%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wake_up_latency_tracerWULT software maintained by Intel(R)
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-28696
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.85%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:57
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-distribution_for_pythonIntel(R) Distribution for Python
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-32272
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.9||HIGH
EPSS-0.08% / 24.15%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel NUC Pro Software Suite Configuration Tool software installers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-31197
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.07%
||
7 Day CHG~0.00%
Published-12 May, 2023 | 14:01
Updated-24 Jan, 2025 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectorIntel(R) Trace Analyzer and Collector
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25999
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.85%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:56
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-enpirion_digital_power_configurator_guiversion
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2018-12160
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 10.13%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.

Action-Not Available
Vendor-Intel Corporation
Product-data_migration_softwareIntel(R) Data Migration Software
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2018-12163
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.17% / 38.58%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.

Action-Not Available
Vendor-Intel Corporation
Product-iot_developers_kitIntel IoT Developers Kit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-32618
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapiIntel(R) oneAPI Toolkit and component software installersoneapi_base_toolkitoneapi_ai_analytics_toolkitoneapi_hpc_toolkitinspectoroneapi_deep_neural_networkoneapi_iot_toolkitadvisor
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-24977
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 4.62%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-12 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-license_manager_for_fleximIntel(R) License Manager for FLEXlm product softwarelicense_manager_for_flexlm_product_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-26027
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-simics_package_managerIntel(R) Simics Package Manager softwaresimics_package_manager
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-33101
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.14%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-23909
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-field_programmable_gate_array_software_development_kit_for_openclIntel(R) FPGA SDK for OpenCL(TM) software technologyfield_programmable_gate_array_software_development_kit_for_opencl
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-32576
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.05%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel(R) Unite(R) Plugin SDK
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-38101
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.05%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-iflashvnuc_board_nuc8cchbnuc_8_rugged_kit_nuc8cchkrIntel(R) NUC Chaco Canyon BIOS update software
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-30548
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.36%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-glorpIntel(R) Glorp software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-33064
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.36%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:49
Updated-29 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_studioIntel(R) System Studio
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-0169
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.87%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in Windows 10 and 11
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-23449
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.05% / 14.37%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:07
Updated-03 Aug, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path.

Action-Not Available
Vendor-Siemens AG
Product-simatic_energy_manager_prosimatic_energy_manager_basicSIMATIC Energy Manager BasicSIMATIC Energy Manager PRO
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24162
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.27%
||
7 Day CHG~0.00%
Published-03 Sep, 2020 | 16:11
Updated-04 Aug, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App Center) has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code.

Action-Not Available
Vendor-tencentn/a
Product-tencentn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-29444
Matching Score-4
Assigner-Dragos, Inc.
ShareView Details
Matching Score-4
Assigner-Dragos, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.03% / 7.25%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 17:06
Updated-14 May, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncontrolled Search Path Element in PTC's Kepware KEPServerEX

An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their malicious version to gain initial access and code execution.

Action-Not Available
Vendor-ptcPTC
Product-thingworx_kepware_serverthingworx_industrial_connectivitykepware_kepserverexKepware KEPServerEXThingWorx Kepware ServerThingWorx Industrial Connectivity
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24161
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.27%
||
7 Day CHG~0.00%
Published-03 Sep, 2020 | 16:10
Updated-04 Aug, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Guangzhou NetEase Mail Master 4.14.1.1004 on Windows has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code.

Action-Not Available
Vendor-163n/a
Product-netease_mail_mastern/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-37130
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.07% / 22.96%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 01:34
Updated-09 Jan, 2025 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise.

Action-Not Available
Vendor-Dell Inc.
Product-openmanage_server_administratorDell OpenManage Server Administratoropenmanage_server_administrator
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-22528
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-7.8||HIGH
EPSS-0.10% / 29.24%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The issue is with the ASE installer and does not impact other ASE binaries.

Action-Not Available
Vendor-SAP SEMicrosoft Corporation
Product-adaptive_server_enterprisewindowsSAP Adaptive Server Enterprise
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-28080
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.38%
||
7 Day CHG~0.00%
Published-30 May, 2023 | 15:24
Updated-10 Jan, 2025 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.

Action-Not Available
Vendor-Dell Inc.
Product-powerpathPowerPath Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-34019
Matching Score-4
Assigner-Acronis International GmbH
ShareView Details
Matching Score-4
Assigner-Acronis International GmbH
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-29 Aug, 2024 | 19:12
Updated-12 Sep, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.

Action-Not Available
Vendor-Acronis (Acronis International GmbH)
Product-snap_deployAcronis Snap Deploysnap_deploy
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24158
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.27%
||
7 Day CHG~0.00%
Published-03 Sep, 2020 | 16:09
Updated-04 Aug, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

360 Speed Browser 12.0.1247.0 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. It is a dual-core browser owned by Beijing Qihoo Technology.

Action-Not Available
Vendor-360n/a
Product-speed_browsern/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-2313
Matching Score-4
Assigner-Trellix
ShareView Details
Matching Score-4
Assigner-Trellix
CVSS Score-8.2||HIGH
EPSS-0.04% / 9.66%
||
7 Day CHG~0.00%
Published-27 Jul, 2022 | 09:25
Updated-03 Aug, 2024 | 00:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL high jacking in Trellix Agent

A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed.

Action-Not Available
Vendor-Musarubra US LLC (Trellix)McAfee, LLC
Product-agentTrellix Agent (TA)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24160
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.27%
||
7 Day CHG~0.00%
Published-03 Sep, 2020 | 16:10
Updated-04 Aug, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code.

Action-Not Available
Vendor-tencentn/a
Product-timn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-34017
Matching Score-4
Assigner-Acronis International GmbH
ShareView Details
Matching Score-4
Assigner-Acronis International GmbH
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-29 Aug, 2024 | 19:14
Updated-12 Sep, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.

Action-Not Available
Vendor-Acronis (Acronis International GmbH)
Product-snap_deployAcronis Snap Deploysnap_deploy
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-26266
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.03% / 5.72%
||
7 Day CHG~0.00%
Published-21 Feb, 2023 | 00:00
Updated-14 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In AFL++ 4.05c, the CmpLog component uses the current working directory to resolve and execute unprefixed fuzzing targets, allowing code execution.

Action-Not Available
Vendor-afl\+\+_projectn/a
Product-afl\+\+n/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-32857
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.03% / 7.78%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 08:37
Updated-08 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege

Action-Not Available
Vendor-Dell Inc.
Product-peripheral_managerDell Peripheral Managerperipheral_manager
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-22947
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.02% / 3.71%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake."

Action-Not Available
Vendor-shibbolethn/aMicrosoft Corporation
Product-windowsservice_providern/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-20722
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.07% / 23.06%
||
7 Day CHG~0.00%
Published-24 May, 2021 | 03:20
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.

Action-Not Available
Vendor-FUJITSU LIMITED and PFU LIMITEDFujitsu Limited
Product-scansnap_managerThe installers of ScanSnap Manager and the Software Download Installer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-22818
Matching Score-4
Assigner-Western Digital
ShareView Details
Matching Score-4
Assigner-Western Digital
CVSS Score-7.3||HIGH
EPSS-0.02% / 3.75%
||
7 Day CHG~0.00%
Published-15 Nov, 2023 | 20:03
Updated-29 Aug, 2024 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple DLL Search Order hijacking Vulnerabilities in SanDisk Security Installer for Windows

Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for Windows that could allow attackers with local access to execute arbitrary code by executing the installer in the same folder as the malicious DLL. This can lead to the execution of arbitrary code with the privileges of the vulnerable application or obtain a certain level of persistence on the compromised host. 

Action-Not Available
Vendor-Western Digital Corp.Sandisk Corp.
Product-sandisk_security_installerSanDisk Security Installer for Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-18173
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.48%
||
7 Day CHG~0.00%
Published-26 Jul, 2021 | 18:26
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code.

Action-Not Available
Vendor-1passwordn/a
Product-1passwordn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-5180
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.02% / 3.71%
||
7 Day CHG~0.00%
Published-26 May, 2025 | 10:00
Updated-03 Jun, 2025 | 15:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wondershare Filmora Installer NFWCHK.exe uncontrolled search path

A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-wondershareWondershareMicrosoft Corporation
Product-filmorawindowsFilmora
CWE ID-CWE-426
Untrusted Search Path
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-16143
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.59%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 21:48
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijacking because it loads exchndl.dll from the current working directory.

Action-Not Available
Vendor-seafilen/a
Product-seafile-clientn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-15167
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.12% / 31.54%
||
7 Day CHG~0.00%
Published-02 Sep, 2020 | 17:55
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary code execution via configuration file in Miller

In Miller (command line utility) using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious `.mlrrc` file in the working directory. See linked GitHub Security Advisory for complete details. A fix is ready and will be released as Miller 5.9.1.

Action-Not Available
Vendor-johnkerljohnkerl
Product-millermiller
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-30376
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.3||HIGH
EPSS-0.08% / 25.14%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 20:05
Updated-09 Jan, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the application's use of Qt. The application loads Qt plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of an administrator. Was ZDI-CAN-20768.

Action-Not Available
Vendor-radminFamatechfamatech
Product-advanced_ip_scannerAdvanced IP Scanneradvanced_ip_scanner
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-4894
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-7.3||HIGH
EPSS-0.12% / 31.98%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 20:13
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.

Action-Not Available
Vendor-SamsungHP Inc.
Product-7fq92a\#ab18af51a714z8a_firmwaress256h_firmwaress272q_firmwaress278ass395a_firmwaress388kst682a_firmwaress383f_firmwaress359ess150t8af50a_firmwaress211c_firmwaress213ess395c_firmwaress365g_firmware7fr04a\#ab1ss344b_firmwaress152a_firmwaress272c_firmwaress370a_firmware7gf50a\#ab1209u7ass196fss365j_firmwarest686css042d_firmwaress150p_firmwaress108j_firmwaress204ess103a_firmwarest690css272n_firmwaresv531ass404q3b0c3a\#ab1_firmwarest695b_firmware7gf55a\#ab1_firmwaress196g_firmwaress106j_firmwaress339fss204dss210j_firmwaress076sss076d_firmwaress342d_firmwaress229fss389z_firmwaress154a_firmwaress343e_firmwaress397q_firmwaress326est679h_firmwaress370ass256kst694ass357a_firmwaress150j_firmware6hu09a_firmwaress334ess352h_firmwaress365lss389z7gf53a\#ab1_firmwaress276bss341ass268a_firmwaress075bss150lss106lss327css272d_firmwarest688jss196f_firmwaress041jss075kss287a_firmwaress256tss383h_firmware3a9x2a\#301ss389mss396c_firmware715a6a715a3ass153f_firmwaress256n_firmwaress359hss105gss256p_firmwaress355a3a9x1a\#ab1ss210c_firmwaress378d_firmwaress271lss218h_firmwaress353ass229c_firmwaress335fss216v_firmwaress042fss153kss257l_firmwaress256m_firmwaress027lss272nss108k_firmwarest688g_firmwaress255c_firmwaress058b_firmwaress336a_firmwaress271ass042b_firmware7fq87a\#ab1ss076k3a9x3a\#ab1_firmware3b0c0a\#301_firmwaress107j_firmwaresw192a_firmwarest688e_firmware8pa11a\#301_firmwaress325ass350ass395mss058a_firmware4zb93ass076e_firmwaress150q_firmwaress205p_firmware7ab26a_firmwaress273b_firmwaress397lss369a_firmware7fq89a\#ab1_firmwaress349ass216hss150k_firmwaress383v4zb89ass058g_firmware3b0c9a\#304_firmwaress044jss204f_firmwaress280ass044k_firmwaress340c_firmwaress389gss369d_firmwaress275a_firmwaress334c_firmwaress384ass229ess389pss388fss395g_firmwaress383p_firmwaress335e_firmwarest687ass076l_firmwaress395pss058gss150bss398dss352mss352k_firmwaress385ass213gss272e_firmwaress348a_firmwaress216jss216q_firmwaress049dss033j3a9x3a\#ab1ss229gst682ast694dss236ass254css229f_firmwaress334d_firmwaress388lst688css368h_firmwaress216sss076w_firmwaress386fss359fss272f_firmwaress352ess257e_firmwaress105b_firmwaress218css353c_firmwaress392css365fss218j_firmwaress368css404jss398css229hss257c_firmwaress328a_firmwaress205l_firmwaress234ass382a_firmwaress210ass105dss365mss042bss033lss149a_firmwaress359h_firmwaress323ass195ass359kss198a_firmwaress384dss229j_firmwaress108ass229css218ass229h_firmwaress383q_firmware7fq92a\#ab1_firmwaress383a_firmwaress341a_firmwaress211k_firmwaress108f_firmwaress150t_firmwaress236a_firmwaress388f_firmwaress076d3b0c6a\#312_firmwaress150g7gf48a\#ab1_firmwaress195a_firmwaress237a_firmwaress075b_firmware715a1ass349c_firmwaress230q_firmware3b0c5a\#ab1ss368ess273bss254bss216k_firmware715a2a_firmwaress365d_firmwaress044bss257jst673a_firmwaress211j_firmwaress335a_firmwaress383uss389lss230f_firmwaress027k7gf54a\#ab1_firmwaress043gss076q2zn50a_firmwaress033l_firmwaress378fss212a_firmwaress211d_firmwaress389b_firmwaress210e_firmwaress104ass229e_firmwaress108h_firmwaress211jss108gss389h_firmwaress261ass393bss369bss326e_firmwaress343fss272bss353g_firmwaress076j3a9x4a\#ab1ss204jss218hss150css378dss076v_firmwaress383nss219e_firmwarest679b_firmwaress271p_firmwaress213a_firmware3b0c1a\#304ss272l_firmwaress211nss256a_firmwaress044b_firmwarest673dss395e_firmwarest682css033bss152css274ass232ass027f_firmwaress378e_firmwaress076q_firmwaress271q_firmwaress353h_firmware8pa10a\#301ss342ess353d_firmwaress352g_firmwaress369ass404h_firmwaress397kss340css259a4zb85a_firmwaress365gss107b_firmwaress394a_firmwaress230s_firmwaress210m_firmwaress216kss107n_firmwaress043b_firmware4zb79ass365k_firmwaress256f_firmwaress352gss383g_firmwaress327dst686b_firmware715a0a_firmwaress107h_firmwaress392a3a9x8a\#ab1_firmwaress380a_firmwaress349f_firmware4zb83ass218jss377h_firmwaress027jss075j_firmwaress359z_firmwaress150dss204n_firmwaress106h7fq88a\#ab1_firmwaress369ess334f_firmwaress216qss335gss396d_firmwarest693dst690c_firmwaress043j_firmwaress205h_firmwaress076css353dss197ass333ass377bst682b_firmwaress255ass230k_firmwaress150qss398f_firmwaress396hst688a_firmwaress276ass325a_firmwaress027k_firmware4zb87a_firmwaress359e_firmwaress404hst693d_firmwaress041ess058hss256nss106g_firmwaress033h_firmwaress211f_firmwaress216f_firmwaress359f_firmwaress205zst694a_firmwaress058css043d_firmwaress257nss205u3b0c6a\#312ss343g_firmwaress106jss395qss256e_firmware7fq93a\#ab1ss388e_firmwaress352n_firmwaress334dss216lss379ass389v_firmwaress107c_firmware7fq94a\#ab1st686h_firmwaress342a_firmwaress380b_firmwaress076k_firmwarest688bss383u_firmwaress404css379b_firmwaress044d_firmwaress377gss230zss204m_firmwaress271m_firmwaress353f_firmwaress059ess335b4zb96a_firmwaress106k_firmwaress218b_firmwarest693bss150f_firmwaress075d_firmware3a9x1a\#ab1_firmware9vv52a_firmwarest679a_firmware7fq88a\#ab1ss153b_firmwaress049n_firmwaress216p_firmwaress151ass257g_firmwaress256j_firmwaress107k_firmwaress153d_firmwaress383yss257bss404z4zb85ass272m_firmwaress335ess275bss383tss386d_firmwaress152b_firmwaress383z_firmwaress205lss336ass365c_firmwaress041a_firmwaress049m_firmware4zb92ass210m4zb96ass359q_firmwaress327a_firmwaress205f_firmware7fq97a\#ab1_firmwaress343a_firmwarest673ass105h_firmwaress209a_firmwaress213g_firmwaress076s_firmwaress383zst683d_firmwaress282css211h_firmwaress041fss211b3b0c8a\#ab1ss338ass105ess209ass352m_firmwaress254e_firmwaress397b_firmwaress230g_firmwaress230est684a_firmwaress205s_firmwaress033j_firmwaress383y_firmwaress105hw7u02a_firmwaress272a_firmwaress335d_firmwaress211gss368ass384b_firmwaress335f_firmwaress044j_firmware715a1a_firmwaress256l_firmware7fq99a\#ab1_firmwaress377fst683dss150c_firmwaress216gsv899d_firmwaress285a_firmwaress282b_firmwaress058ass404gss049nss150ass044ess105g_firmwaress396css390dss205t_firmwaress351ass389hst689a_firmwaress042css284a_firmwaress339a_firmwaress211hss398e_firmwaress359lss150b_firmwaress210jss386css230m_firmwaress368c_firmwaress272g7fr00a\#ab1ss235a_firmwaress395m_firmwarest695css353j_firmwaress152d_firmwaress397css041hss257a_firmwaress229a_firmwaress218gss230gss378a_firmwaress365jss272zss349c3b0d3a\#301ss255b_firmwaress059e_firmware1vr14a_firmwaress274a_firmwaress388j_firmwaress389dss272jss352q_firmwaress283ass216j_firmwaress272b_firmwaress339ess262a_firmwaress368a_firmwaress389e_firmwarest689ass044css059a_firmwaress404g_firmwaress041f_firmware6hu08ass330ass388l_firmwaress027fss257kss059d_firmwaress335dss378c\#304ss230a_firmwaress210css368d_firmwaress107mss369e_firmwaress058h_firmwaress390hss153gss404k_firmwaress342css339dss257m_firmwarest688h_firmwaress049f_firmware3b0c4a\#301_firmwaress257zss153css383wss041d_firmwaress076j_firmwaress219a_firmwaress266ass365c8af50asv899dss377g_firmwaress257j_firmwaress219a6hu10ass395d_firmwaress075css106sss199ass395hss211kss075d8af51a_firmware7fr00a\#ab1_firmwaress042g_firmwaress108d_firmwaress271bss044fss106ess397a_firmwaress205kss326css049c_firmwaress217ass352sss216m_firmwaress359zss211lss106tss388jss398esv899css404kss042a_firmwaress359n_firmwaress389u_firmware4zb95a3b0d1a\#ab1ss353fsw116bss076lss388css219css354ass398c_firmwarest695ass211b_firmwaress343c_firmwaress059c_firmwaress340ass076pss339e_firmwaress271nss233ass395s_firmwarest695c_firmware714z9a_firmwaress395kss043e_firmwaress210k_firmwaress368hss218e_firmwaress377e_firmware7uq76ass027d_firmwaress265a_firmware3b0d1a\#ab1_firmwarest686d_firmwaress254e715a5a_firmware7zb72a_firmwaress388b_firmwaress108c3b0c4a\#301ss033a_firmwaress352l_firmwaress390bss378gss391b_firmwaress105e_firmwaress058est679ass404z_firmwaress395l_firmwaress359dss327ast686fss205k_firmwaress106e_firmware4zb88a_firmwaress254c_firmwaress281ass277a7uq76a_firmwaress391ess324a_firmwaress076b_firmwaress397bss287b_firmwaress383x_firmwaress076tss196a_firmwaress075jss404dss153bss043l_firmwaress271c_firmwaress272hss076u_firmwaress377kss389q_firmware3b0c5a\#ab1_firmwaress254f_firmwaress383n_firmwaress230d_firmwaress390ess043c_firmwaress395lss230b_firmwaress204kss230pss276a_firmwaress395h_firmware7fq86a\#ab1_firmwarest688c_firmwaress359b_firmwaress353e_firmwaress365b6hu12a_firmwaress353hss343css216b_firmwaress365b_firmwaress391dss205nss205hss256d_firmwaress391c_firmwaress058f_firmwaress340dss332a_firmwaress254d_firmwaress356a_firmwaresw176bss044e_firmwaress339c_firmwaress204l6hu11ass380ass033g_firmwaress196dss106mss271kss216u_firmwaress216nss404l_firmwaress197a_firmware7zb20a_firmwaress348css271pss384a_firmwaress027ass108b_firmwaress256z_firmwaress218bss257dss230c_firmwaress279a2zn49a_firmwaress107qss204d_firmwarest679d_firmwaress393a_firmwaress027gst690d_firmwaress108a_firmware8pa14a\#302sv531a_firmwaress106d_firmwaress075a_firmwaress387a_firmwaress049bss257qss204h_firmware7fq90a\#ab1_firmwaress329ass076uss042dss388gss076hss255a_firmwaress398b_firmwaress330css075g_firmwaress404e_firmwaress102a_firmwaress281bss106fsv901b_firmwaress076ass275c_firmwaress108j715a3a_firmwaress288a6hu08a_firmwaress042a7gf51a\#ab1ss219f_firmwaress106n_firmwaress395dss210d715a6a_firmwaress404q_firmwaress211mss216d_firmware7fq98a\#ab1ss106css033fss195b_firmwaress377jss154ass367css383xss216a_firmwaress076bss334a_firmwarest693b_firmwaress106g8pa13a\#302ss256lss264a_firmwaress205css210g_firmwaress230h_firmwarest683bss106b_firmwaress390fss326dss213h_firmwaress211l_firmwaress027l_firmwaresw176a_firmwaress404b_firmwaress076xss327c_firmwaress027h_firmware8pa12a\#302_firmwaress271jss377p7fq91a\#ab1ss059g_firmwaress369dss271tss404e7fq94a\#ab1_firmwaress043dss343b_firmwaress386bss230p_firmwaress204c_firmwaress076ess383s_firmwaress404a_firmwaress342g_firmwaress365l_firmware7fq99a\#ab1ss256ass278a_firmwaress058jss353a_firmwaress353bss027g_firmwaress049k_firmwaress150a_firmwaress339gss265ass281b_firmwaress254dss075f_firmwaress256g_firmwaress041c_firmwaress383l_firmwaress107f_firmwaress105d_firmware4zb89a_firmwaress262ass331a_firmware3b0c0a\#301ss388k_firmwaress204bss058j_firmwaress107ast690bss153l_firmwarest694b_firmwaress383kss389s_firmware7gf47a\#ab1_firmwaress106zss271g_firmwaress378hss330c_firmwaress058fss276c_firmwaress359g_firmwaress258a_firmware8pa13a\#302_firmwarest686ass150h_firmwaress383bss267bss218ess106c_firmwaress218fss152bss377lss383qss076f_firmwaress397ass107g_firmwaress043kss033kss276b_firmwaress049e_firmwaress339g_firmwaress279a_firmwaress342fst686gss272f7fr03a\#ab1ss377nss396e_firmwarest683b_firmwaress033k_firmware7gf52a\#ab1_firmwaress359mss281a_firmwaress104a_firmwaress271dss395nss076mss391css275b_firmwaress342bss379a_firmwaress218a_firmwaress344a7fr04a\#ab1_firmwaress333a_firmwaress281css076t_firmwaress150n_firmwaress151bss330bss344b3b0c8a\#ab1_firmwaress352lss106f_firmware7zb25asv899c_firmwaress059bss059fss234a_firmwaress391ass348b_firmwaress348c_firmware6hu11a_firmwaress377j_firmwaress356ass027a_firmware7gf53a\#ab14zb79a_firmwaress256css395jss352f_firmwaress232a_firmware4zb90ass210n_firmware2zn49ass256jss049ess404pss049css383e_firmwarest688gss396bw7u01a_firmwaress368g_firmwaress257h_firmwaress272qss106nss230css027j_firmwaress329a_firmwaress044mss271k_firmwaress256q7gf50a\#ab1_firmwaress237bss342gss216g_firmwaress205d_firmwaress049lss254fss213e_firmwaress033mss397j_firmwaress349fss396h_firmwaress049a7zb21a_firmwaress205m_firmwaress107fss359c7fq97a\#ab1ss397h4zb95a_firmwaress359l_firmwaress335g_firmwaress044ass210d_firmwaress395bss044m_firmwaress377k_firmwaress106bss391bss339b_firmwaress322bss387ass271h_firmwaress386ass213hss076g_firmware8af49a_firmwaress404ast693a_firmwaress049jss352bst688hss042c_firmwaress043f_firmwaress336bss196h_firmwarest694d_firmwaress271e_firmwaress075k_firmwaress219b_firmwaress257ess205c_firmwaress272s_firmware7fq90a\#ab1ss261a_firmwaress108l_firmwaress352h4zb91ass075hss367ass271fss268bss263ass210f_firmwaress219fss398a_firmware8pa12a\#302ss380bss352b_firmwaress105jss286a_firmwaress389kss383gst695dss396ess027e3a9x8a\#ab1ss076m_firmwaress353b_firmwaress213c_firmwaress256mss042jss395sss365f_firmwaress210n7fq98a\#ab1_firmwaress349ess383hss381ass326d_firmwaress198ass267a_firmware7fr03a\#ab1_firmwaress218c_firmwaress272u_firmwaresw176ass230t_firmwaress049fss386e_firmwaress216l_firmwaress230j_firmwaress391e_firmwaress151a_firmware3b0c7a\#301_firmwaress389u7fq96a\#ab1_firmwaress257mss058dss393c_firmwarest686hss076vss256k_firmwarest679hss107dss390ass352a_firmwaress230nst686e_firmware8af52ass230z_firmwaress205fss388a_firmwaress041b_firmwaress211e_firmwaress150fss389n_firmwaress257p_firmwaress205qss404m_firmwaress383t_firmwaress359jss106p_firmwaress153ass343kss366ass342c_firmwaress218f_firmwaress396fss397p_firmwaress043h714z9ass352kss389t7fq86a\#ab1ss076h_firmwaress271d_firmwaress326bss392a_firmwaress396b_firmwaress230mst684ass335ass359gss268ass339f_firmwaress257q_firmwaress398fss283a_firmwaress404lss391fss378c\#304_firmwaress386a_firmwaress105j_firmwaress395n_firmwaress389g_firmwarest688dss211m_firmwaress383j_firmwaress352e_firmwaress339bss390d_firmwaress378b_firmwaress254g_firmware7gf54a\#ab1ss396g_firmwaress211ess367a_firmware7fr05a\#ab1_firmwaress395p_firmwaress027css277a_firmwaress353css328ass043a_firmwaress397pss284b_firmwaress150m4zb86ass332ass102ass389m_firmwaress204ass033ass108hss059b_firmwaress254a_firmwaress196hss326ass106m_firmwaress258ass280a_firmwaress359c_firmwaress359bss369c4zb84a_firmwaress387bss049d_firmwaress230n_firmwaress213d8af49a4zb90a_firmwaress336b_firmwaress353jss263bss272css379bst679f_firmwaress257d_firmware714z6a_firmwaress041g_firmwaress256c_firmwaress027dss396dst679fss367d_firmware4zb82ass042f_firmwaress219bss107bsw116b_firmware7gf52a\#ab1ss204m7zb72ass388ess044l_firmware7gf49a\#ab1ss216s_firmware3a9x2a\#301_firmwaresw176c_firmwaress365e_firmwaress330b_firmwaress150kss368fss340bss326c_firmwarest683c_firmwaress395ess229ass383jss106qss386f_firmwaress352a3a9x7a\#ab1_firmwaress059f_firmwaress377d_firmwarest688d_firmwaress342dss044kss150jss216n_firmwaress404fss386dss383mss233a_firmwarest688ass397g_firmwaress389p_firmwaress049kss076n_firmwaress395tss216bss153ess196b_firmwaress271b_firmwaress397mss076c_firmwaress384d_firmwaress150l_firmwaress340d_firmwaress334ass334b_firmwaress150nss076wss389j_firmwaress195bss330a_firmwaress365ess257n_firmwaress107lss334fss213f_firmwaress033c4zb83a_firmwaress059a7zb21a4zb94a_firmwaress058bsv901bss059jss263a_firmwarest695bss230lss349dss359nss044n_firmwaress106kss235ass323a_firmwaress107nss106a_firmwaress343dss271l_firmwaress216css153c_firmwaress041e_firmwaress369b_firmwarest679gss397jss383d_firmwaress288a_firmwaress391f_firmwaress380css106dss327bss049h_firmwaress106h_firmwaress322a7fq91a\#ab1_firmwaress272kss027e_firmwaress105f_firmware4zb94ass397d_firmwaress075h_firmwarest679dss216z7fq95a\#ab1ss237b_firmwaress389ass150d_firmwaress337a_firmwaress352f4zb81a_firmwaress398d_firmwaress271css230a4zb82a_firmwaress154bst690a_firmware7zb19a_firmwaress383v_firmwaress151b_firmwaress033d_firmwaress404f_firmwaress271a_firmwaress257k_firmwaress204psw192ast688f_firmwaress367e_firmwaress340a_firmwaress354a_firmwaress389t_firmwaress211ass384est673b_firmwaress152ass339d_firmwaress043ass204e_firmwaress383c7fr01a\#ab1ss219dss388h_firmwaress106q_firmwaress272lss377dss383pss377l_firmwaress033c_firmwaress343gss268b_firmwaress213ass229d_firmwaress392b_firmwaress365m_firmwarest695a_firmwaress196c4zb81ass211pst685ass322b_firmwaress273ass368e_firmwaress271hst693c_firmware4zb93a_firmwaress213css044f_firmwaress219d_firmwaress397l_firmwaress383ew7u02ass282a_firmwaress216fss075f6hu10a_firmwaress042e_firmwaress049l_firmwaress205g_firmwaress397fss256sss210gss397f_firmware8pa14a\#302_firmwaress027c_firmware4zb91a_firmwaress368f_firmwaress352pss216mss343jss390h_firmwaress404d_firmwaress284ass335b_firmwaress230bss059j_firmwaress271gss230h7gf51a\#ab1_firmware3b0c7a\#301ss150sss205sss365a_firmwaress353kss326b_firmwaress256b_firmwaress230fss377a_firmwaress059gss216pss199a_firmwarest673c_firmware2zn50ass213bss271f_firmwarest682bss153e_firmwaress044nss076gss367f_firmwaress027b_firmware7fr02a\#ab1ss377css204k_firmwaress205q_firmwaress353gss204nss257css383c_firmwaress359pss386c_firmwaress105ass076zss389vss256fst690b_firmwaress260ass271n_firmwaress343ass205bss033e_firmwaress393b_firmwaress272k_firmwaress378css404nss396a_firmwaresw112b_firmwaress368b_firmwaress383k_firmwarest673css389qss349e_firmware7gf49a\#ab1_firmwaress216u715a0ast688b_firmwaress377c_firmwaress349bss367b_firmwaress075e_firmwaress342f_firmwaress352dss328bss388bss213b_firmwaress334cst687a_firmwaress076z_firmwaress377b_firmwaress150ess331b_firmwaress353k_firmwaress210lss075gss390css395gss339ass395css272ess271sss042j_firmwaress385a_firmwaress256dss043bss389fss041h_firmwaress211p_firmwaress386ess033n3b0d3a\#301_firmwaress196c_firmwaress398g_firmwaress367bss255bss287ass049a_firmwaress263b_firmwaress388g_firmwarest673bss324ass271j_firmwaress044a_firmwaress367c_firmwaress044h_firmwaress153jss404mss272ass211g_firmwaress383fss230tss397k_firmwaress149ass389l_firmwaress229jss378h_firmware5ue14a_firmwarest685a_firmwarest686a_firmwarest694c_firmware7zb20ass349a_firmwaress205jss108fss359p_firmwaress108c_firmwaress353ess256q_firmwaress352jss106pss205mss107l_firmwarest683ess204j_firmwaress286ass396f_firmwaress384e_firmwaress271t_firmwaress359a3a9x7a\#ab1ss365ass393css257f_firmwaress042e715a5ass256h3a9x4a\#ab1_firmwaress389jss257l7gf48a\#ab1ss254ass260a_firmwaress027hst688ess365d7ab26ass217a_firmwaress272t_firmwaress153lss352c4zb87ass058c_firmwaress043fss339cst690dst686bss383sss256s_firmwaress204b_firmwaress272dss256pss395j_firmwaress219c_firmwaress359m_firmwaress105c_firmwaress398gss231ass107d_firmwaress377m_firmwaress033dss205a_firmware7fq87a\#ab1_firmwaress282c_firmwaress033m_firmwaress282ass281c_firmwarest673d_firmwaress108kss377ess107a_firmwaress395f_firmwaress043jss367dst682c_firmwaress229bss153fss105a_firmwaress395f7fq93a\#ab1_firmwaress335hss216z_firmwaress108lss338a_firmwaress271s_firmwaress107gss334e_firmwaress398bss378k4zb88ass204p_firmwaress205u_firmwaress272ust694bss381a_firmwaress049gss277b_firmwaress256t_firmwaress107hss153h_firmwaress350a_firmwaress272tss388ass391d_firmwaress388d_firmwaress043g_firmwaress390e_firmwaress397gss229g_firmwaress049b_firmware7fq96a\#ab1ss204hst679bst684b_firmwaress196gss076p_firmwaress213fss404c_firmwaress204gss210k4zb84ast679c_firmwaress368j_firmwaress393ass397nss196ass044g_firmware715a4ass150pss348bss041bss388h6hu09ass211n_firmwaress397n_firmwaress392c_firmwaress153g_firmware7fr05a\#ab1ss215ass276css044lss322a_firmwaress389f_firmwaress154b_firmwaress218g_firmwaress389nst679css331bss041gss106z_firmware1vr14ass352p_firmwaress383w_firmwaress389c_firmwarest690ass377f_firmwaress205e8af52a_firmware2ky38a_firmwarest683ass196e4zb80a_firmwarest684bss216t_firmwaress211f715a2ass378ess384css383dss043l7zb19ass033n_firmwaress044g7fq95a\#ab1_firmwaress196d_firmwaress397e_firmwaress396gss365kst686c_firmwaress230k3b0c1a\#304_firmwaress216tss322c_firmwaress272h_firmwaress027bss153d714z7ass380c_firmwaress152c_firmware4zb80ass272pss108g_firmware714z8ass272sss255css395t_firmwaress348ass108bsw112bss272z_firmwaress106l_firmwaress389sss404bss272j_firmwaress368jss389ess257gss367ess272g_firmwaress153a_firmwaress274b_firmwaress343hss404n_firmwaress256zss395a4zb86a_firmwaress343ess378j_firmwaress396ass398ass344a_firmwaress390gss352c_firmwaress359a_firmwaress103ass257pss041css204css378jss342e_firmwaress229b_firmware714z6ass388dss335css267ass340b_firmwaress284bss343bst694css256bsw176css204fss150e_firmwaress205z_firmwaress042gss205n_firmwaress351a_firmwaress204g_firmwaress343d_firmwaress152dss343h_firmwaress033f_firmwaress349d_firmwaress390a_firmwaress349b_firmwaress216dss230dss378g_firmwaress218k_firmware209u7a_firmwaress377n_firmwaress076a_firmwaress210l_firmwaress229dss377p_firmwaress404p_firmwaress377hss352d_firmwaress106t_firmwaress397qss230jss150hss230qss327b_firmwaress108e_firmwaress231a_firmwaress216ew7u01ass043k_firmwaress342b_firmwaress272m5ue15a_firmwaress322css328b_firmwarest683e_firmwaress377mss257hss254b_firmwaress196e_firmwaress389css153k_firmwaress150m_firmwaress216e_firmwaress388c_firmwaress205g2ky38ass210a_firmwaress150s_firmwaress389bss107e_firmwaress377ass365hss359j_firmware714z7a_firmwaress342ass259a_firmwaress153j_firmware7fq89a\#ab1ss335c_firmwaress205ass266a_firmwaress378c_firmwarest683a_firmware4zb92a_firmwarest695d_firmwaress397c_firmwaress275ass397ess049j_firmwaress395k_firmware3b0c9a\#304ss204a_firmwaress368gss041j_firmwaress044hss049g_firmwaress367fss397h_firmware5ue14ass212ass049hss107ess218kss392bss378k_firmwaress334b7fr01a\#ab1_firmwaress257z_firmwaress337ass230e_firmware4zb97ass076nss210ess394ass271ess205d7fr02a\#ab1_firmware9vv52ass282bss216vss274bss404j_firmware5ue15ass327d_firmwaress390b_firmwaress033gss205tss343f_firmwaress150g_firmwaress106ass075ess384c_firmwaress277bss210fss044dst683css211dsw176b_firmwaress216ass366a_firmwarest686f_firmwaress267b_firmwaress343k_firmwaress210bss395q_firmwaress041ass042h_firmwaress335h_firmwaress107m_firmwaress108ess058e_firmwarest679g_firmwaress378f_firmwaress108dss256ess210b_firmware7gf47a\#ab1715a4a_firmwaress264ass257f3b0c3a\#ab1ss359k_firmwarest693ass049mss210h_firmwaress033est686dss271qss059dss368bss213d_firmwaress343j_firmwaress230sss285ass205b_firmwaress042hss216c_firmwaress218d_firmwaress383b_firmwaress355a_firmwarest686g_firmwaress058d_firmwarest693css357ass257ass059css107kst679ess359qss205e_firmwarest688fss383ass397m_firmwaress331ass390f_firmwaress352s_firmwaress076x_firmwaress387b_firmwaress106s_firmwaress218dss211css075a7gf55a\#ab1ss352j_firmwaress230l_firmwaress378bss386b_firmwaress219ess271mss382ass383lss043c8pa10a\#301_firmwaress365h_firmwaress273a_firmwaress369c_firmwaress390g_firmwaress287bss033b_firmwaress389d_firmwarest688j_firmwaress153hss215a_firmwaress107q_firmwaress075c_firmwaress389k_firmwaress211a_firmwaress205pss378ass359d_firmwaress326a_firmwaress256gss216h_firmwaress257b_firmwaress275css107c7zb25a_firmwaress105bst686ess390c_firmwaress272p_firmwaress397dss076f4zb97a_firmwaress033hss352nss352qss105fss105css196b8pa11a\#301ss041dss368dst679e_firmwaress205j_firmwaress254gss384b6hu12ass107jss210hss043h_firmwaress391a_firmwaress043ess389a_firmwaress204l_firmwaress237ass395b_firmwaress383m_firmwaress044c_firmwareHP and Samsung Printer software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-48224
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.05% / 14.78%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 00:00
Updated-18 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is installed with insecure permissions (full write access within Program Files). Standard users can replace files within this directory that get executed with elevated privileges, leading to a complete arbitrary code execution (elevation of privileges).

Action-Not Available
Vendor-gbgplcn/a
Product-acuant_acufill_sdkn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-48225
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.02% / 4.17%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 00:00
Updated-18 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is used to install drivers from several different vendors. The Gemalto Document Reader child installation process is vulnerable to DLL hijacking, because it attempts to execute (with elevated privileges) multiple non-existent DLLs out of a non-existent standard-user writable location.

Action-Not Available
Vendor-gbgplcn/a
Product-acuant_acufill_sdkn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • Next
Details not found