CVE & Exploit Intelligence Database

CVE-2020-3433 7.8 HIGH KEV RANSOMWARE 1 PoC Analysis EPSS 0.04

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.

CWE-427 Aug 17, 2020

CVE-2020-9767 7.8 HIGH 1 PoC Analysis EPSS 0.00

A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a malicious DLL. Zoom addressed this issue, which only applies to Windows users, in the 5.0.4 client release.

CWE-427 Aug 14, 2020

CVE-2020-7360 7.4 HIGH EPSS 0.00

An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)

CWE-427 Aug 13, 2020

CVE-2020-8687 7.8 HIGH EPSS 0.00

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-427 Aug 13, 2020

CVE-2020-15596 6.7 MEDIUM EPSS 0.00

The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.

CWE-427 Aug 12, 2020

CVE-2020-13177 7.8 HIGH EPSS 0.00

The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path.

CWE-427 Aug 11, 2020

CVE-2020-15657 7.8 HIGH EPSS 0.00

Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CWE-427 Aug 10, 2020

CVE-2020-16143 7.8 HIGH EPSS 0.00

The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijacking because it loads exchndl.dll from the current working directory.

CWE-427 Jul 29, 2020

CVE-2020-10610 7.8 HIGH EPSS 0.00

In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or modification.

CWE-427 Jul 24, 2020

CVE-2020-15724 7.8 HIGH EPSS 0.00

In the version 12.1.0.1005 and below of 360 Total Security, when the Gamefolde calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking to bypass the hips could execute arbitrary code on the Local system.

CWE-427 Jul 21, 2020

CVE-2020-15723 7.8 HIGH EPSS 0.00

In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking to bypass the hips could execute arbitrary code on the Local system.

CWE-427 Jul 21, 2020

CVE-2020-15722 7.8 HIGH EPSS 0.00

In version 12.1.0.1004 and below of 360 Total Security,when TPI calls the browser process, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking could execute arbitrary code on the Local system.

CWE-427 Jul 21, 2020

CVE-2020-12423 7.8 HIGH EPSS 0.00

When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox < 78.

CWE-427 Jul 09, 2020

CVE-2020-9100 7.8 HIGH EPSS 0.00

Earlier than HiSuite 10.1.0.500 have a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing.

CWE-427 Jul 06, 2020

CVE-2020-15523 7.8 HIGH EPSS 0.00

In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.

CWE-427 Jul 04, 2020

CVE-2019-20419 7.8 HIGH EPSS 0.00

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The affected versions are before version 8.5.5, and from version 8.6.0 before 8.7.2.

CWE-427 Jul 03, 2020

CVE-2020-13279 8.6 HIGH EPSS 0.00

Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system

CWE-427 Jun 22, 2020

CVE-2019-20856 9.8 CRITICAL EPSS 0.00

An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.

CWE-427 Jun 19, 2020

CVE-2020-11613 7.8 HIGH EPSS 0.00

Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can replace binaries or plant malicious DLLs to obtain elevated, or different, privileges, depending on the context of the user that runs the application.

CWE-427 Jun 11, 2020

CVE-2020-7585 7.8 HIGH EPSS 0.00

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.

CWE-427 Jun 10, 2020