CVE-2024-7325
HIGHIObit Driver Booster 11.0.0.0 - Uncontrolled Search Path in VCL120.BPL
Title source: llmDescription
A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The identifier of this vulnerability is VDB-273248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References (3)
Core 3
Core References
Third Party Advisory vdb-entry
https://vuldb.com/?id.273248
Permissions Required signature
permissions-required
https://vuldb.com/?ctiid.273248
Third Party Advisory third-party-advisory
https://vuldb.com/?submit.378139
Scores
CVSS v3
7.8
EPSS
0.0023
EPSS Percentile
13.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-427
Status
published
Products (1)
iobit/driver_booster
11.0.0.0
Published
Jul 31, 2024
Tracked Since
Feb 18, 2026