CVE-2020-18173

HIGH

1Password <7.3.712 - Code Injection

Title source: llm

Description

A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code.

References (1)

Scores

CVSS v3 7.8
EPSS 0.0008
EPSS Percentile 22.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-427
Status published

Affected Products (1)

1password/1password

Timeline

Published Jul 26, 2021
Tracked Since Feb 18, 2026