CVE-2024-7325

HIGH

Iobit Driver Booster - Uncontrolled Search Path

Title source: rule

Description

A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The identifier of this vulnerability is VDB-273248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

References (3)

Scores

CVSS v3 7.8
EPSS 0.0006
EPSS Percentile 18.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-427
Status published

Affected Products (1)

iobit/driver_booster

Timeline

Published Jul 31, 2024
Tracked Since Feb 18, 2026