CVE & Exploit Intelligence Database

Updated 4h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,223 CVEs tracked | 53,274 with exploits | 4,730 exploited in wild | 1,542 CISA KEV | 3,929 Nuclei templates | 37,826 vendors | 42,563 researchers
1,099 results
CVE-2022-28247 6.7 MEDIUM EPSS 0.00
Adobe Acrobat DC < 22.001.20085 - Uncontrolled Search Path
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges.
CWE-427 May 11, 2022
CVE-2022-0025 6.7 MEDIUM EPSS 0.00
Paloaltonetworks Cortex Xdr Agent - Uncontrolled Search Path
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact other platforms or other versions of the Cortex XDR agent.
CWE-427 May 11, 2022
CVE-2021-34606 7.3 HIGH EPSS 0.00
Xinje Xd/e Series Plc Program Tool < 3.5.1 - Uncontrolled Search Path
A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and sufficient file-write privileges. If exploited, the attacker could place a malicious DLL file on the system that, when XINJE XD/E Series PLC Program Tool is run, allows the attacker to execute arbitrary code with the privileges of another user's account.
CWE-427 May 11, 2022
CVE-2021-42743 8.8 HIGH EPSS 0.00
Splunk < 8.1.1 - Uncontrolled Search Path
A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions before 8.1.1 on Windows.
CWE-427 May 06, 2022
CVE-2022-28714 7.3 HIGH EPSS 0.00
F5 BIG-IP APM <16.1.2.2, <15.1.5.1, <14.1.4.6, <13.1.5, <=12.1.x, <...
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, a DLL Hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CWE-427 May 05, 2022
CVE-2021-20051 7.8 HIGH EPSS 0.00
Sonicwall Global VPN Client < 4.10.7.1117 - Uncontrolled Search Path
SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system.
CWE-427 May 04, 2022
CVE-2022-28792 6.2 MEDIUM EPSS 0.00
Gear IconX PC Manager <2.1.220405.51 - RCE
DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows an attacker to execute arbitrary code. The patch adds a proper absolute path to prevent DLL hijacking.
CWE-427 May 03, 2022
CVE-2022-0192 7.3 HIGH EPSS 0.00
Lenovo PCManager <4.0.40.2175 - Privilege Escalation
A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege escalation.
CWE-427 Apr 22, 2022
CVE-2022-24767 7.8 HIGH EPSS 0.01
Git for Windows Uninstaller < - DLL Hijacking
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
CWE-427 Apr 12, 2022
CVE-2022-24765 6.0 MEDIUM EPSS 0.00
Git for Windows - Info Disclosure
Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-git are vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\.git\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\Users` if the user profile is located in `C:\Users\my-user-name`.
CWE-427 Apr 12, 2022
CVE-2022-23449 7.3 HIGH EPSS 0.00
Siemens Simatic Energy Manager Basic < 7.3 - Uncontrolled Search Path
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path.
CWE-427 Apr 12, 2022
CVE-2022-28779 5.3 MEDIUM EPSS 0.00
Samsung Android USB Driver <1.7.50 - Code Injection
Uncontrolled search path element vulnerability in Samsung Android USB Driver Windows installer program prior to version 1.7.50 allows an attacker to execute arbitrary code.
CWE-427 Apr 11, 2022
CVE-2022-28541 5.9 MEDIUM EPSS 0.00
Samsung Update <3.0.77.0 - RCE
Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code with the permissions of Samsung Update.
CWE-22 Apr 11, 2022
CVE-2022-27843 6.2 MEDIUM EPSS 0.00
Samsung Kies < 2.6.4.22014_2 - Uncontrolled Search Path
DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows an attacker to execute arbitrary code.
CWE-427 Apr 11, 2022
CVE-2022-27842 6.2 MEDIUM EPSS 0.00
Samsung Smart Switch PC < 4.2.22022_4 - Uncontrolled Search Path
DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows an attacker to execute arbitrary code.
CWE-427 Apr 11, 2022
CVE-2022-25154 7.3 HIGH EPSS 0.00
Samsung T5 Firmware < 1.6.9 - Uncontrolled Search Path
A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a local attacker to escalate privileges. (An attacker must already have user privileges on Windows 7, 10, or 11 to exploit this vulnerability.)
CWE-427 Apr 05, 2022
CVE-2022-1098 7.8 HIGH EPSS 0.00
Deltaww Diaenergie < 1.8.02.004 - Uncontrolled Search Path
Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition. When combined with the Incorrect Default Permissions vulnerability of 4.2.2 above, this makes it possible for an attacker to escalate privileges.
CWE-427 Apr 01, 2022
CVE-2022-24426 7.8 HIGH EPSS 0.00
Dell Command | Update <4.4.0 - Privilege Escalation
Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.
CWE-427 Apr 01, 2022
CVE-2022-28128 7.8 HIGH EPSS 0.00
Hibara Attachecase < 3.6.1.0 - Uncontrolled Search Path
Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.
CWE-427 Mar 31, 2022
CVE-2022-25348 7.8 HIGH EPSS 0.00
Hibara Attachecase < 4.0.2.7 - Uncontrolled Search Path
Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.
CWE-427 Mar 31, 2022