CVE-2017-2210

HIGH

PatchJGD 1.0.1 - Privilege Escalation

Title source: llm

Description

Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver. 1.0.1 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

References (2)

[Third Party Advisory] http://jvn.jp/en/jp/JVN52691241/index.html

[Vendor Advisory] http://www.gsi.go.jp/sokuchikijun/sokuchikijun41011.html

Scores

CVSS v3 7.8

EPSS 0.0017

EPSS Percentile 38.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status draft

Affected Products (1)

gsi/patchjgd

Timeline

Published Jun 09, 2017

Tracked Since Feb 18, 2026