CVE-2024-42048

MEDIUM

OpenOrange Business Framework <1.15.5 - Privilege Escalation

Title source: llm

Description

OpenOrange Business Framework version 1.15.5 installs to a directory with overly permissive access control, allowing all authenticated users to write to the installation path. In combination with the application's behavior of loading DLLs from this location, this allows for DLL hijacking and may result in arbitrary code execution and privilege escalation.

References (9)

Core 9

Core References

Various Sources

https://attack.mitre.org/techniques/T1574/001

Various Sources

https://landings.openorange.com/l/erp-peru-a.html

Various Sources

https://raw.githubusercontent.com/securityadvisories/Security-Advisories/refs/heads/main/Advisories/Blaze%20Information%20Security%20-%20DLL%20Hijacking%20in%20OpenOrange%20Business%20Framework%20Allows%20Arbitrary%20Code%20Execution%20and%20Potential%20Privilege%20Escalation.txt

Various Sources

https://resources.infosecinstitute.com/topic/dll-hijacking

Various Sources

https://www.openorange.com

Vendor Advisory

https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibrarya

Vendor Advisory

https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibraryexa

Vendor Advisory

https://docs.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-search-order

Vendor Advisory

https://support.microsoft.com/en-us/topic/secure-loading-of-libraries-to-prevent-dll-preloading-attacks-d41303ec-0748-9211-f317-2edc819682e1

Scores

CVSS v3 6.5

EPSS 0.0044

EPSS Percentile 35.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-284

Status published

Published Aug 07, 2025

Tracked Since Feb 18, 2026