CVE-2023-45252
HIGHHuddly HuddlyCameraService < 8.0.7 - DLL Hijacking via Insecure Service Directory
Title source: llmDescription
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.
References (1)
Core 1
Core References
Exploit, Third Party Advisory
https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253/
Scores
CVSS v3
7.8
EPSS
0.0032
EPSS Percentile
23.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-427
Status
published
Products (1)
huddly/huddlycameraservice
< 8.0.7
Published
Dec 01, 2023
Tracked Since
Feb 18, 2026